Ecommerce major Amazon is all set to host its annual Prime Day sale. Amazon Prime Day Sale will start at midnight on July 20, 2024. However, cybercriminals leverage this occasion to carry out phishing attacks, preying on unsuspecting shoppers. These attackers employ deceptive tactics, such as sending fake emails or creating fraudulent websites, aiming to steal personal information or financial credentials.
While Prime Day offers incredible savings, it is crucial for shoppers to remain vigilant, exercise caution while clicking on links or providing sensitive information, and ensure they are navigating legitimate platforms.
Malicious websites
Ahead of Amazon Prime Day in July 2024, Checkpoint observed a significant increase in cyberattacks related to Amazon Brand. The security solutions provider also listed 25 malicious websites. The list includes:
– amazon-onboarding[.]com
* amazonmxc[.]shop
* amazonindo[.]com
* shopamazon2[.]com
* microsoft-amazon[.]shop
* amazonapp[.]nl
* shopamazon3[.]com
* amazon-billing[.]top
* amazonshop1[.]com
* fedexamazonus[.]top
* amazonupdator[.]com
* amazon-in[.]net
* espaces-amazon-fr[.]com
* usiamazon[.]com
* amazonhafs[.]buzz
* usps-amazon-us[.]top
* amazon-entrega[.]info
* amazon-vip[.]xyz
* paqueta-amazon[.]com
* connect-amazon[.]com
* user-amazon-id[.]com
* amazon762[.]cc
* amazoneuroslr[.]com
* amazonw-dwfawpapf[.]top
* amazonprimevidéo[.]com
How cybercriminals fool buyers
Fraudsters use phishing technique to fool the customers. Phishing attacks often begin with a message sent via email, social media, or other electronic communication means. Cybercriminals use public resources like social networks to gather background information about their victims, which helps them craft convincing fake messages. These messages typically contain malicious attachments or links to fake websites that appear to be owned by trusted entities like Amazon.
How to stay safe
To help online shoppers stay safe this year, Check Point researchers have outlined practical security and safety tips:
1. Check URLs carefully: Be wary of misspellings or sites using a different top-level domain (e.g., .co instead of .com). These copycat sites may look attractive but are designed to steal your data.
2. Create strong passwords: Ensure your Amazon.com password is strong and uncrackable before Prime Day to protect your account.
3. Look for HTTPS: Verify that the website URL starts with https:// and has a padlock icon, indicating a secure connection.
4. Limit personal information: Avoid sharing unnecessary personal details like your birthday or social security number with online retailers.
5. Be cautious with emails: Phishing attacks often use urgent language to trick you into clicking links or downloading attachments. Always verify the source.
6. Skeptical of unrealistic deals: If a deal seems too good to be true, it likely is. Trust your instincts and avoid suspicious offers.
7. Use credit cards: Prefer credit cards over debit cards for online shopping as they offer better protection and less liability if stolen.