Fraudulent Amazon Address Change with USPTO

Amazon Fraud with USPTO Address Change

The United States Patent and Trademark Office (USPTO) recently added a new policy to send notifications to trademark owners if their correspondence is updated within the USPTO database. This policy intends to thwart fraudulently activity of those looking to misdirect an email communication.

This is undoubtedly in relation to Amazon Brand Registry’s policy of sending authorization codes to the email listed in the USPTO correspondence information.

What is Happening on the USPTO?

Unauthorized users file a correspondence update pretending to be the trademark owner and update the email address.

1. Why would someone want to update the email address?
   • Amazon contacts the correspondent when sending out authorization codes for its Brand Registry. Specifically, Amazon sends authorization codes under the subject line “Action Required: Request from Amazon Brand Registry.” The unauthorized user wants that code to register their own brand.
   • Within the USPTO database the unauthorized user fraudulently provides a signature by copying the owner’s name and electronically signing their name authorizing the email update.
   • By updating the email address all of these Amazon authorizations go to the new fraudulent email.
2. Why doesn’t USPTO correct this?
   • By signing using the owner’s signature the USPTO is unaware whether the change is accurate or a misrepresentation of the actual owner. Thus, the USPTO cannot tell if it is fraud without the owner’s help.
   • The only recourse for the USPTO is send notifications to the prior listed contact via an email with the subject line “Alert on Potentially Unauthorized Change of Correspondence,” which they have started doing.
3. How do you know this is related to Amazon?
   • The USPTO provides information in its warning email that ties the activity to Amazon. Specifically, the USPTO states:
     • You should also consider contacting any third-party brand registry with which you, your company, or your client may have an ongoing relationship to determine if an unauthorized party has claimed ownership of the affected mark. In the case of Amazon.com, you may send an email to [email protected] (providing the trademark registration number and your contact information) to inquire about whether the mark has been submitted for inclusion on the Amazon Brand Registry and request specialized attention to this matter.

Someone Fraudulently Obtained Amazon Brand Registry What Do I Do?

The USPTO has provided some general guidelines on the action you should take:

1. First, review the status of your mark to make sure the contact information was changed.
   • You can do that by following these instructions:
     1. Click on the following link: http://tsdr.uspto.gov/
     2. Enter in your Serial No.
     3. Click “Status”.
     4. Scroll down and click “Attorney/Correspondence Information” (5th drop down from the bottom).
     5. Check “Correspondent e-mail” to make sure it represents your email. If it does not please proceed to #2 below.
2. If fraudulent activity occurred report the activity to Amazon via email at [email protected] (providing the trademark registration number and your contact information) and inquire about whether the mark has been submitted for inclusion on the Amazon Brand Registry and request specialized attention to the matter.
3. Next, change your correspondence back to your email address. Please be aware if they successfully changed your email odds are they also successfully obtained an authorization code from Amazon. So be sure not to skip step 2 above.
   • You can change your email address by following these instructions:
     1. Click on the following link: https://www.uspto.gov/trademarks-application-process/filing-online/correspondence-and-attorneydomestic-representative
     2. Click on number 1 “Change of Correspondence Address Form.”
     3. Next enter your Serial No. in the text box.
     4. Here, you’ll be able to see the “Primary Email Address,” click “Continue.”
     5. You should now be on the page “Change of Correspondence Address.” Here, make the changes to the correct information. Be sure to update the email address in the final box.
     6. Then “sign directly” as unrepresented owner.
     7. You’ll get confirmation of the update via email.
4. Lastly, contact the USPTO alerting them to the fraud.
   • The USPTO has provided instructions on the following page under #2 in the following link: https://www.uspto.gov/trademark/trademark-updates-and-announcements/unauthorized-changes-your-file

Who is Behind the Amazon Fraud?

From July 2018 there was an 11,000% spike in correspondence update requests related to this fraudulent activity.

• It seems it is someone hiding behind 163.com as most of the emails used come from this email extension. One such use was from [email protected].
• 163.com is owned by Guangzhou NetEase Computer System Co., Ltd (NetEase) a Chinese company.
• 163.com is a free email service for Chinese citizens.
• Domain abuse sites complain of 163.com email address owners stealing their Amazon profiles. Here, you can see an anonymous contact from France indicating “email from amazon sent to [email protected] instead of my email address. My amazon account has been hacked.”
• A few emails are also coming from zoho.com email accounts.

Unfortunately,163.com and zoho.com are third party web-based email services. To report these sites would be similar to reporting gmail.