With Amazon Prime Day fast approaching, scammers and cybercriminals are getting ready to rip you off
Check Point, an Israeli security firm, and Bolster, a Silicon Valley company that discovers fake websites, have both seen a significant increase in domain registrations related to "Amazon," "Prime," or both
Check Point reported in a blog post today (October 9), "Just as you look for bargains, hackers will be targeting victims with phishing on Amazon Prime Day"
Hackers will lure users with phishing emails, instant messages, or texts that promise deals too good to be true, or that users will misspell "Amazon" or type in the name of another popular retailer that also has a sale Expectations
Check Point states that in the past 30 days, "there was a 21% increase in domains containing the word 'Amazon' compared to the previous month" Registrations of domains containing the words "Amazon" or "Prime" have doubled in the past 30 days, with 20% of those domains being malicious
Bolster reported a similar spike in fake Amazon sites since August, and found and analyzed two more fake sites
One, called AmazonCustomerSupportnet (now closed), copied Amazon's graphics and branding and offered refunds for canceled Amazon orders However, as Bolster's Young-Sae Song explained in a blog post yesterday (October 8), there have been several tip-offs that this is not the real deal
"The form asks for bank and credit card information," Song wrote
"Amazon always offers refunds to the original payment method or a gift card
The fake site also prominently lists a phone number that can be called for quick support, which many frequent Amazon shoppers may find unusually helpful
"Amazon does not endorse customer service over the phone, and it takes a lot of effort to find phone support on a real Amazon site," Song wryly noted
Surprisingly, the site does not ask for an Amazon username or password Perhaps the scammers behind this site have made enough money stealing your credit cards that they don't need to hijack your Amazon account
Another site Bolster found is still up and running, a variant of the "iPhone giveaway" scam that has been emailed to many Americans over the past few months
The site claims to be part of the "Amazon Loyalty Program" and tells people they have been given a chance to win an iPhone 11 Pro There is also a list of fake positive testimonials from people claiming to have received a free iPhone
You have to answer a simple but pointless questionnaire (eg, question: "Are you a man or a woman?") and then play a game in which you are always the winner
"You won You have won an iPhone 11 Pro" is written on the page after playing the game Then, "Click 'OK' to visit our sponsor page" and "Enter your address and pay $1 for shipping to win an iPhone 11 Pro"
The page then displays
Go to another site that asks for your name, address, email address, and phone number, and on the second page, enter your credit card information and pay the $1 "shipping fee"
"Despite glowing reviews, the $999 phone never arrives, and shoppers begin to see strange charges on the credit card number provided," Bolster's Song wrote
Both companies offer advice on how to avoid being fooled by Prime Day scams Instead of clicking on links in e-mails, Bolster recommends going directly to Amazoncom and other well-known retail websites to find deals
He also recommends looking for unclear images and logos, and says that familiarizing yourself with the Amazon "buying experience" will help you spot deviations from legitimate procedures more quickly
"For example, saved payment information should not be re-entered during the purchase process," writes Bolster's Song If you are asked to re-enter the information, it is extremely likely that the site is a fraudulent site" "
Check Point advises to make sure that "Amazon" is not misspelled in the URL and that the domain name does not end in anything other than "com"
Also, use credit cards rather than debit cards when making purchases (debit cards have weak fraud protection), do not use public Wi-Fi networks, make sure your Amazon password is strong and unique, and beware of offers that look too good to be true They also recommend being wary of offers, and remembering that online retailers do not need to know your date of birth or Social Security number
For additional online shopping advice, see How to Shop Safely on Black Friday and Tips for Shopping Safely on Cyber Monday
Comments