Amazon Prime Day is now here, but with all the great deals to be had, shoppers have been warned to be careful when browsing.
A study from Check Point Research (CRP) has discovered that scammers are posing as Amazon or affiliates to deceive online shoppers – and in the last 30 days alone, more than 1,000 new Amazon-related domains have been registered, 88% of which were identified as suspicious.
Many of these domains are ‘parked’ or not in use, but could be activated or used in phishing attacks in the coming days. The scam comes in various forms, but typically advises customers to update their payment methods to access key benefits – and then, of course, steal their sensitive information.
First targets
As Amazon Prime Day becomes increasingly popular, such scams are unfortunately becoming more common – and because the event specifically encourages customers to order within a certain time frame to access offers and benefits, fraudsters are putting pressure on victims to act quickly with urgent calls to action.
The deception goes further than just emails. Some criminals even go so far as to call customers to “inform” them that their membership is missing information or a payment method; data they will collect and exploit.
Every year around Prime Day, fake sites appear at an accelerated pace looking to take advantage of shoppers looking for discounts.
To stay safe this year, CPR recommends checking URLs and email addresses carefully. Common spelling mistakes are often used to mislead users by pretending to be a trusted site. Also look for HTTPS website URLs, which indicate a more secure connection.
We know the Prime Day deals can be pretty juicy, but be wary of deals that seem unrealistic. Trust your sales instincts, an iPhone for $10 is probably less than legit. Ideally, shoppers should follow the verified Amazon website or app and never click on third-party links.