Amazon Prime Day is here, but along with all the great deals to be had, shoppers have been warned to be careful when browsing.
A study by Check Point Research (CRP) has found that scammers impersonate Amazon or its affiliates to deceive online shoppers, and in the last 30 days alone, more than 1,000 new Amazon-related domains have been registered, 88% of which were identified as suspects.
Many of these domains are 'parked' or not in use, but could be activated in the coming days or used in phishing attacks. Scams come in a variety of forms, but they commonly advise customers to upgrade their payment methods to “access” core benefits and, of course, then steal their sensitive information.
Main objectives
As Amazon Prime Day grows in popularity, these types of scams have sadly become more common, and because the event specifically encourages customers to place orders within a specific time period to access deals and benefits, Scammers pressure victims to act quickly with urgent calls to action.
The deception also goes beyond emails: some criminals go as far as calling customers to “inform” them that their memberships are missing information or a payment method, data they will collect and exploit.
Every year around Prime Day, fake sites appear at a rapid pace seeking to take advantage of discount-seeking shoppers.
To stay safe this year, CPR recommends carefully reviewing URLs and email addresses; Common misspellings are often used to trick users by pretending to be a trustworthy site. Also, look for HTTPS website URLs, which indicate a more secure connection.
We know the deals on Prime Day can be pretty juicy, but be wary of any that seem unrealistic – trust your instincts about sales, an iPhone for $10 probably isn't legit. Ideally, buyers should stay on the verified Amazon website or app and never click on third-party links.
