Merchants are advertising bogus goods using fake Amazon email accounts.
Amazon is hosting fraudsters posing as private sellers on its Marketplace platform and is then refusing to compensate victims conned into paying for non-existent goods - despite what appears to be a major security breach by the shopping giant.
The website is unwittingly allowing fake merchants – some of whom are able to hack into genuine vendors' accounts – to advertise bogus goods on official emails sent to customers suggesting they "might be interested in these items".
After clicking on the "learn more" button beside an item, which are frequently described as "used" and offered for less than half the usual retail price, Amazon customers are then asked to privately email the third-party seller for more information, said the Daily Mail.
In a classic "phishing" operation, fraudsters are then able to con victims into paying for non-existent goods externally via an bank transfer rather than inside the Amazon website.
Scammers then frequently make the con look authentic by sending what appears to be a genuine Amazon order confirmation email but is in fact from a bogus account not linked to the US web giant.
Amazon say they are not obliged to compensate users if they pay for items outside their framework, even if the online retailer's own security operation has failed to prevent fraudsters using its Marketplace, which is a platform that allows third-party vendors sell products alongside Amazon's own offerings.
Paul Hennessy, a British victim of this scam, lost $908 after handing over $869 to a bogus seller for a non-existent garden furniture set and $38 to his bank for an international transfer to a Czech account the fraudster provided him with.
The 53-year-old photographer, from Hildenborough, Kent, had added a similar Arizona Rattan six-chair and table set costing to $1,667.96 to his Amazon basket before receiving an email believed to be from Amazon (firstname.lastname@example.org) suggesting he could buy the same item for almost half the cost from a third party seller.
He saw no reason to be concerned – even when he was asked to email the fraudster posing as a vendor - because they seemingly had their own seller's page on the trusted Amazon website.
An Amazon source revealed that the account of the third party seller, a legitimate vendor, had been "taken over by a fraudster" who was then able to use it to con Mr Hennessy.
It was only after he had sent the bank transfer that he felt suspicious and checked with Amazon, who confirmed that that the confirmation order number was fake and the sender's email address email@example.com was nothing to do with Amazon.
He told his bank, who are now trying to retrieve the payment, and informed police. The National Fraud Intelligence Bureau are now investigating.
Mr Hennessy, a father of two, said: "I believe that I have been the victim of a sophisticated fraud as a result of serious security failings by Amazon.
"I should expect to be able to trust a company as big as Amazon to ensure that fraudsters cannot use its platform to con customers."
In recent years Amazon have been repeatedly warned about fraudsters posing as sellers, with technology websites revealing how the con artists can get away with their crimes.
Heather Lyons, an executive for customer relations at Amazon.co.uk, apologised to Mr Hennessy for the incident but refused to pay any compensation or make any kind of goodwill gesture.
In an email, she wrote: "My sincere apologies for the inconvenience that has been caused by this situation.
"We provide an A-to-z Safe Buying Guarantee for all orders placed with Marketplace Sellers when the order is paid for through Amazon.co.uk.
"On this occasion, as you made payment to the Seller outside Amazon.co.uk you aren't eligible for the A-to-z Safe Buying Guarantee and we are unable to provide any further assistance.
"We will gladly co-operate with your bank and the police if they contact us."
Mr Hennessy added: "This is not good enough. I have lost a lot of money and Amazon's poor security are to blame."
Amazon UK said they do not comment on individual cases.
A spokesman said: "Amazon.co.uk Marketplace is safe, secure and guaranteed. Payment within the Amazon.co.uk site is the only authorised and recognised form of payment for items sold by Sellers on Amazon.co.uk.
"Every customer who orders on Amazon.co.uk is covered by our A-to-z guarantee; however items paid for outside of the Amazon.co.uk Marketplace aren't eligible for protection.
"We advise customers never to pay for a Marketplace item outside of the Amazon.co.uk site and for the security of our customers, all communication for Marketplace items between the Seller and buyer should be conducted solely through the Amazon.co.uk site.
"If a customer is contacted by a Seller requesting payment via another method, we ask that they report it to us.
"Should an unauthorised person have gained access to a Seller's account as a result of receiving account information outside of Amazon, we'll take appropriate."