---
title: "You Didn’t Violate Amazon’s Policies But You Did Get Phished | DuoCircle"
description: "If given a choice between violating Amazon’s policies and getting phished, I’d much rather tick off Amazon."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/phishing-protection/you-didnt-violate-amazons-policies-but-you-did-get-phished/"
---

Quick Answer

A common Amazon-themed phishing scam claims your account is locked for policy violations and asks you to click a 'Verify Now' link to log in. The email and the landing page both copy the Amazon logo and footer to look genuine, but the credentials you enter go to an attacker who then takes over the account and runs fraudulent purchases. Two simple defenses cut almost all of these: treat any inbound mail asking you to verify credentials as suspicious until proven otherwise, and run real-time phishing protection that keeps most of these emails out of the inbox in the first place and re-checks links at click time, so an accidental click on a malicious URL still gets blocked instead of completing the harvest.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fphishing-protection%2Fyou-didnt-violate-amazons-policies-but-you-did-get-phished%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=You%20Didn%E2%80%99t%20Violate%20Amazon%E2%80%99s%20Policies%20But%20You%20Did%20Get%20Phished&url=undefined%2Fblog%2Fphishing-protection%2Fyou-didnt-violate-amazons-policies-but-you-did-get-phished%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fphishing-protection%2Fyou-didnt-violate-amazons-policies-but-you-did-get-phished%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fphishing-protection%2Fyou-didnt-violate-amazons-policies-but-you-did-get-phished%2F&title=You%20Didn%E2%80%99t%20Violate%20Amazon%E2%80%99s%20Policies%20But%20You%20Did%20Get%20Phished "Share on Reddit") [ ](mailto:?subject=You%20Didn%E2%80%99t%20Violate%20Amazon%E2%80%99s%20Policies%20But%20You%20Did%20Get%20Phished&body=Check out this article: undefined%2Fblog%2Fphishing-protection%2Fyou-didnt-violate-amazons-policies-but-you-did-get-phished%2F "Share via Email") 

![You Didn't Violate Amazon's Policies But You Did Get Phished](https://media.mailhop.org/duocircle/images/2019/09/spf-permerror-7341.jpg) 

If given a choice between violating Amazon’s policies and getting phished, I’d much rather tick off Amazon. But hackers think that you think differently, which is the motivation for their latest **phishing scam**.

From Hoax Slayer, “According to an email, which purports to be from Amazon, your account will be locked because of violated policies. Supposedly, you are required to click a link to login and verify your account. The email features the Amazon logo and seemingly legitimate footer information in an effort to make it seem genuine. However, the **email is fraudulent** and the claim that your account has been locked is false.”

[![email is fraudulent](https://media.mailhop.org/duocircle/images/2019/09/sendgrid-alternative-7342.jpg)](https://media.mailhop.org/duocircle/images/2019/09/sendgrid-alternative-7342.jpg)

The article goes on to say, “If you click on the ‘Verify Now’ link, a fake Amazon website will load in your browser. As with the email, _the bogus site features the Amazon logo and other elements to make it appear genuine._”

From there, the bogus website attempts to **harvest your credentials** after which the crooks can take control of your Amazon account and make fraudulent purchases.

The bad news is that scams like this are very common with Amazon. _The good news is that protecting yourself from them is very easy_. First, you should always be suspicious of any email you receive asking you to verify your credentials. That’s always a dead giveaway of a **phishing email**. More importantly, there is inexpensive technology available to ensure you never have to worry about it.

[![ phishing protection](https://media.mailhop.org/duocircle/images/2019/09/smtp-service-7343.jpg)](https://media.mailhop.org/duocircle/images/2019/09/smtp-service-7343.jpg)

Real-time [phishing protection](/email/phishing-protection) from DuoCircle protects you from scams like this two ways. First, _it keeps most of these phishing emails out of your inbox so you never even see it_. Second, and more importantly, if a phishing email gets through AND you accidentally click on a malicious link, DuoCircle phishing protection protects you from that too.

You should never be in a position where you have to choose between violating policies and getting phished. And you don’t have to with phishing protection from [DuoCircle](/).

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  Phishing 11m  AI-Generated Phishing Has Eliminated the Typo: Why Traditional Email Filters Are No Longer Enough  Apr 28, 2026 ](/blog/ai-generated-phishing-eliminates-typos-making-traditional-email-filters-ineffective/)[  Phishing 5m  10 Applications of ChatGPT that Hackers Are Already Exploiting  May 3, 2023 ](/blog/phishing-protection/10-applications-of-chatgpt-that-hackers-are-already-exploiting/)[  Phishing 4m  65% of Global Businesses Ill-Equipped to Defend Against Email-Based Cyber-Attacks  Mar 29, 2016 ](/blog/phishing-protection/65-global-businesses-ill-equipped-defend-email-based-cyber-attacks/)[  Phishing 9m  7 Ways to Protect Your Organization from Email-based Ransomware Attacks  Feb 11, 2018 ](/blog/phishing-protection/7-ways-protect-organization-email-based-ransomware-attacks/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"You Didn’t Violate Amazon’s Policies But You Did Get Phished","description":"If given a choice between violating Amazon’s policies and getting phished, I’d much rather tick off Amazon.","url":"https://www.duocircle.com/blog/phishing-protection/you-didnt-violate-amazons-policies-but-you-did-get-phished/","datePublished":"2019-09-26T17:31:19.000Z","dateModified":"2025-05-23T15:41:40.000Z","dateCreated":"2019-09-26T17:31:19.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/phishing-protection/you-didnt-violate-amazons-policies-but-you-did-get-phished/"},"articleSection":"phishing-protection","keywords":"","wordCount":323,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2019/09/spf-permerror-7341.jpg","caption":"You Didn't Violate Amazon's Policies But You Did Get Phished","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"Phishing"},{"@type":"ListItem","position":3,"name":"You Didn’t Violate Amazon’s Policies But You Did Get Phished","item":"https://www.duocircle.com/blog/phishing-protection/you-didnt-violate-amazons-policies-but-you-did-get-phished/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"Phishing","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"You Didn’t Violate Amazon’s Policies But You Did Get Phished","item":"https://www.duocircle.com/blog/phishing-protection/you-didnt-violate-amazons-policies-but-you-did-get-phished/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"You Didn’t Violate Amazon’s Policies But You Did Get Phished","description":"If given a choice between violating Amazon’s policies and getting phished, I’d much rather tick off Amazon.","url":"https://www.duocircle.com/blog/phishing-protection/you-didnt-violate-amazons-policies-but-you-did-get-phished/","datePublished":"2019-09-26T17:31:19.000Z","dateModified":"2025-05-23T15:41:40.000Z","dateCreated":"2019-09-26T17:31:19.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/phishing-protection/you-didnt-violate-amazons-policies-but-you-did-get-phished/"},"articleSection":"phishing-protection","keywords":"","wordCount":323,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2019/09/spf-permerror-7341.jpg","caption":"You Didn't Violate Amazon's Policies But You Did Get Phished","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```
