Security researchers have warned bargain-hunting shoppers to be on the lookout for scams this Amazon Prime Day, after discovering many lookalike domains. Check Point said that, in June alone, it recorded more than 1000 domains with names resembling “Amazon” and “Amazon Prime,” 87% of which have been flagged as malicious or suspicious.
The security vendor warned that big-name online events like Prime Day are a magnet for fraudsters, who tend to target victims via fake (phishing) sites impersonating Amazon login or checkout pages, and phishing emails. The former are typically created to steal legitimate Amazon logins and personal information, and could lead to “unauthorized purchases, identity theft, or gift card abuse,” Check Point claimed.[1]
The vendor added that phishing emails are often designed to create a sense of urgency in the recipient, such as by claiming ‘refund errors’ or ‘account issues.’ “Recently, Check Point Research intercepted a phishing campaign spoofing Amazon,” it explained. “One email used the subject line ‘Refund Due, Amazon System Error’ with the sender’s email address spoofed to appear as if from Amazon, tricking recipients into clicking a link to ‘update their address.’ The link led to a fraudulent Amazon login page created to harvest the user’s credentials.”
When Prime Day lands on 8 July, consumers are urged to:
- Plan their purchases carefully, by visiting Amazon’s website or app directly.
- Avoid clicking links in unsolicited emails claiming to be from Amazon.
- Check URLs, only use websites with HTTPS and don’t trust offers that seem too good to be true.
- Use strong passwords, switch on two-factor authentication, and consider safe payment options like virtual credit cards or payment apps.
- Slow down if they receive a message that uses classic social engineering techniques to rush them into responding.
“Cyber threats around Prime Day are no accident; they’re calculated, large-scale campaigns designed to exploit consumer behavior,” argued Omer Dembinsky, group manager, research & threat intelligence at Check Point Software Technologies. “Awareness and prevention are powerful defences. With the right tools and habits, shoppers can enjoy the deals without falling for the bait.”
This article is shared with permission at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5207428251321676122
[1] https://www.infosecurity-magazine.com/news/hundreds-malicious-domains/
Comments