Check Point Research has already detected phishing emails and dubious websites intended to defraud potential customers ahead of Amazon Prime Day 2022, which is scheduled for July 12 and 13.
Cyber thieves enjoy taking advantage of seasonal activities and events, especially those that attract a lot of public attention. One such seasonal occasion is Amazon Prime Day, in which the retail behemoth launches a number of alluring offers for customers wanting to save money.
Scammers have already begun targeting Prime customers in an effort to spread malware or steal personal information, much as in previous years. Check Point Research, a supplier of cyber threat information, issued a paper on Wednesday that looks at the different dangers that Prime customers may encounter and provides tips for avoiding them.
Online theft in connection with Amazon Prime Day
Check Point reported a 37 percent increase in Amazon-related phishing attempts at the beginning of July compared to the daily average for June. This is in preparation of this year’s Amazon Prime Day, which is scheduled for July 12 and 13. Additionally, about 1,900 brand-new “Amazon” domains appeared in June, and nearly 10% of them were discovered to be malicious or suspicious.
But compared to last year, when 2,303 new Amazon-related domains were discovered in the weeks leading up to Amazon Prime Day, and 78 percent of them were deemed hazardous, this year’s activity is down.
Why the drop? To avoid being discovered, online criminals can avoid using the word “Amazon” while registering their domain names. Additionally, these con artists could be reserving these names for a later time and don’t want them to come to public attention.
One of the phishing emails that Check Point has previously identified makes the claim to be for an Amazon order that was cancelled owing to payment problems. With the subject line “Order Canceled Unpaid INV,” the mail appears to be from Amazon Customer Support. However, if the receiver clicks on the linked file, dropper malware will be installed on their computer.
Another phishing scam asks the receiver to click on a link to authorise a payment method for an Amazon purchase; this one targets Amazon customers in Japan. However, doing so directs the user to a fake login page where they are prompted to input their Amazon account information. The website has been down since Check Point’s inquiry.
Avoiding phishing schemes at Amazon Prime Day
Phishing emails employ a few crucial psychological strategies to get unwary users to fall into the trap. These emails frequently convey a sense of urgency to keep the receiver from considering the message’s legitimacy too much.
These emails may purport to be from a CEO or other top executive of a firm in order to project an air of authority. Some phishing emails go so far as to scare the receiver by threatening to reveal stolen personal information if they don’t comply.
Check Point gives the following advice for avoiding phishing scams, particularly those related to Amazon Prime Day:
Beware of emails that spell Amazon.com incorrectly. Look for websites that utilise a similar top-level domain and Amazon misspellings. These fake websites may resemble Amazon’s official website, but they are created to deceive you.
To find the lock icon, look. Avoid making any purchases from websites without Secure Sockets Layer (SSL) encryption. By looking for the S in HTTPs or by examining the lock icon in the URL bar or status bar, you may determine whether the website employs SSL.
Keep your information sharing to a minimum. Your birthdate or social security number are not required to be known to internet retailers. The more information you provide, the easier it is for hackers to take over one of your accounts.
Keep your Amazon password secure. Make sure your Amazon password is secure before Amazon Prime Day. If your account is ever compromised, it will be harder to crack the more secure the password is.
Avoid using open Wi-Fi networks. Use a private network instead to conduct your Amazon Prime Day shopping, whether you are at an airport, hotel, or coffee shop. Attackers can acquire email, financial information, and other sensitive data by intercepting your activities.
Be wary of deals that seem too good to be true. On Prime Day, there may be excellent sales. However, if they seem too good to be true, you could be purchasing from a site that is a copycat.
Utilize a credit card. Always attempt to use a credit card rather than a debit card when making purchases online. In the event that they are lost, credit cards provide more protection and less accountability.