Everyone’s pumped for this year’s Amazon Prime Day — including scammers. Last year, shoppers worldwide bought over 300 million items, giving criminals many opportunities to swoop in and steal information.
These crafty crooks have plenty of tricks up their sleeve, especially when it comes to phishing attacks. To avoid their schemes and order those Prime Day deals without a side of identity fraud, keep on reading.
It’s Prime time
Cybersecurity provider Check Point put together some eye-opening research around Amazon Prime Day and the associated scams. They found that Amazon Prime phishing campaigns grew 16 times higher in June compared to May.
Overall, Amazon-related phishing activity increased by 8%. Clearly, the bad guys are doing some hard-core prepping for game day.
Within that window, roughly 1,500 new web domains related to the word “Amazon” were discovered. A whopping 92% of these websites were found to be suspicious or flat-out malicious.
One out of every 68 new domains related to “Amazon” were explicitly associated with Prime, and 93% of those websites were deemed uber-sketchy.
Gone phishin’
Phishing scams come in all shapes and sizes. They typically come in the form of fake emails or bogus websites with the end goal of stealing your personal information or financial credentials.
Phishing emails are made to look like they’ve been sent from someone you know or a reputable organization (like Amazon). The phishing attacks are carried out through links, attachments or forms within the emails. Cybercriminals can steal personal info once a person clicks on a malicious link or opens the attachment.
You can usually spot phishing emails if there are a ton of misspellings or wonky-looking fonts, logos and layouts. However, crooks have been learning from their mistakes and making emails look more authentic.
Here are some examples of the kinds of phishing scams to look out for on Prime Day:
Credentials theft
Here, a fake email notifies the recipient of a bogus billing issue. There’s also a malicious link to update payment information.
Credit card theft
In this one, the phishing email states that the recipient’s Amazon account is locked. It also includes a bogus link to update their profile and a form to update credit card info.
Fake Amazon payment page
Here’s an example of a fraudulent website made to look exactly like an Amazon payment page:
Splurge safely
Here are some helpful pointers for smart Prime Day shopping:
- Watch for misspellings of Amazon.com or sites using a slightly different domain (i.e. “Amazon.co”).
- Create a new strong password for your Amazon account before July 11.
- Look for the lock symbol next to the web address, especially on payment pages. This indicates the site has a secure sockets layer (SSL) encryption installed.
- Stay away from any “too good to be true” bargains. Although many Prime Day deals are amazing, 80% off a new Apple computer is probably … not real.
- Pay with credit cards. Debit cards are linked to your bank account, and getting your money back is more complicated.
Sick of your Prime account? Here’s how to cancel it without getting lost in the maze of instructions.
We may receive a commission when you buy through our links, but our reporting and recommendations are always independent and objective.