For online shoppers, Amazon Prime Day has become an annual retail event, an opportunity to pick up bargains and save money. However for hackers, it’s also an opportunity to target consumers eager to secure a deal.
Cybersecurity company Avanan has warned of an increase in phishing and credential harvesting email attempts in June in advance of Amazon’s event. It says hackers are using a range of scams to target consumers, including email campaigns that dangle the promise of an Amazon gift card in return for taking a survey.
Writing on Avanan’s blog, marketing content manager Jeremy Fuchs said that such email campaigns trade heavily on Amazon’s brand recognition.
“This particular attack starts by utilizing Amazon’s name and credibility. When users see an email that appears to come from Amazon, they are more likely to trust it. A subject line which refers to recent deliveries is also something that seems plausible,” he said.
“Impersonating a brand is a classic social engineering tactic. Impersonating perhaps the world’s most recognizable brand is a surefire way to get at least some people to engage.”
Checkpoint Research found a 37% increase in daily Amazon-related phishing attacks compared to the average in June. Last year, the same organization registered an 86% increase in phishing attempts related to the sale.
“All Amazon users should be mindful of spoofed or unauthentic emails. Cyber-criminals utilize this common attack vector because people often focus on the branding and aesthetics of the email to mistakenly click a malicious link. Outside of an order summary or a notification of a remote account login (or log in from a new device), Amazon rarely sends advertising emails,” said Darren Guccione, CEO and co-founder at Keeper Security, a Chicago-based provider of zero-trust and zero-knowledge cybersecurity software.
“Thus, we do not recommend clicking on any links from emails purportedly sent by Amazon which in actuality may originate from a malicious attacker and thus may not be authentic. These links could contain malware or route a person to a nefarious website to enter their account credentials. Always check the URL that the site navigates you to.”