With Amazon Prime Day 2022 set for July 12 and 13, Check Point Research has seen phishing emails and dubious domains designed to defraud potential shoppers.
Cybercriminals love to exploit seasonal activities and events, especially those that attract a lot of public attention. Amazon Prime Day is one of those seasonal events in which the retail giant kicks off a series of hot sales for consumers looking to save money.
As in previous years, scammers have targeted Prime shoppers in an attempt to deploy malware or steal sensitive information. One The report was released on Wednesday by threat intelligence provider Check Point Research looks at the types of threats Prime shoppers face and offers advice on how to avoid them.
Cybercrime Activity on Amazon Prime Day
Ahead of Amazon Prime Day on July 12 and 13, Check Point said it saw a 37% increase in Amazon-related phishing attacks in early July compared to the daily average in June. Furthermore, nearly 1,900 new domains using the term “Amazon” appeared in June, with nearly 10% of them found to be malicious or suspicious.
UNDERSTAND: Have you ever seen confusing phishing emails? You’re not alone (TechRepublic)
However, this year’s activity shows a drop from last year when 2,303 new Amazon-related domains were found in the weeks leading up to Amazon Prime Day and 78% of them were considered risky.
Why the decline? Cybercriminals may not use the term “Amazon” in their domain registration to avoid detection. Plus, these scammers may be saving these domains for future use and don’t want them on anyone’s radar.
Among the phishing emails that were detected by Check Point, one that was supposed to be for an Amazon order was canceled due to payment issues. The fake message was from Amazon Customer Support with the subject line being “Order canceled for INV.” But any recipient who clicks on the attachment will find their computer infected with the malware dripping.
Another phishing scam, which targets Amazon customers in Japan, invites recipients to click on a link to approve a payment method for an Amazon item. However, doing so takes the victim to a fake login web page that asks them to enter their Amazon account credentials. Following Check Point’s investigation, the site went offline.
Protect yourself from Amazon Prime Day scams
Phishing emails use certain key psychological tactics to try to convince unsuspecting users to fall for the trap. Such emails often create a sense of urgency to prevent the recipient from thinking too much about whether the message is legitimate or not.
UNDERSTAND: Password Breach: Why Pop Culture and Passwords Don’t Go Together (Free PDF) (TechRepublic)
To convey an atmosphere of authority, these emails are sometimes attributed to an executive or top-level executive in a company. Some phishing emails even threaten the recipient by vowing to reveal stolen personal data unless the person complies.
To protect yourself from phishing scams, especially those focused on Amazon Prime Day, Check Point offers a few tips:
Watch out for misspelled emails Amazon.com. Spell check by Amazon and similar top-level domains. These replica websites may look like the actual Amazon website but are designed to trick you.
Find the padlock icon. Do not purchase anything from a website that does not have Secure Sockets Layer (SSL) encryption. You can tell if a site uses SSL by looking for the S in HTTPS or checking the padlock icon in the address bar or status bar.
Share as little information as possible. No online retailer needs to know your date of birth or social security number. The more you reveal, the easier it is for attackers to take over one of your accounts.
Have a strong Amazon password. Before Amazon Prime Day, make sure your Amazon password is strong enough. The stronger the password, the harder it will be for your account to crack if breached.
Beware of public Wi-Fi networks. Whether you’re at the airport, hotel, or coffee shop, don’t use public networks to shop on Amazon Prime Day. Attackers can intercept your activity to access your email, payment details, and other sensitive information.
Beware of bargains that sound too good to be true. Deals can be great on Prime Day. But be wary if they sound too great, as that could mean you’re shopping at a copycat site.
Use your credit card. When shopping online, always try to use your credit card, not your debit card. Credit cards offer more protection and less liability if they are stolen.