Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks

Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks

Kết quả hình ảnh cho Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks A spike in phishing and malicious websites aimed at defrauding Amazon.com customers aim to make Prime Day a field day for hackers. ... Researchers analyzed hundreds of millions of web pages to track the number of new phishing and fraudulent sites using the Amazon brand and logos.

Cybercriminals are tapping into Amazon’s annual discount shopping campaign for subscribers, Prime Day, with researchers warning of a recent spike in phishing and malicious websites that are fraudulently using the Amazon brand.

There has been a spike in the number of new monthly phishing and fraudulent sites created using the Amazon brand since August, the most significant since the COVID-19 pandemic forced people indoors in March, according to a Thursday report from Bolster Research.

“As shoppers gear up for two days of great deals, cyber criminals are preparing to prey on the unwary, taking advantage of those who let their guard down to snap up bargains,” researchers wrote.

Prime Day actually happens over two days—this year the event falls on Oct. 13 to 14. Amazon Prime customers enjoy special sales and discounts on top brands to mark the biggest shopping event of the year on the online retail giant’s site.

Amazon last year yielded over $7 billion in sales during the 36-hour event, which could go even bigger this year due to “the decline of brick and mortar retail and the close proximity to the holidays,” researchers noted. Indeed, mandatory stay-at-home orders globally that began with the COVID-19 pandemic in March have significantly boosted Amazon’s business, a trend that shows no signs of abating.

Researchers analyzed hundreds of millions of web pages to track the number of new phishing and fraudulent sites using the Amazon brand and logos. Its research shows threat actors taking advantage of both Amazon features and consumer behaviors to try to lure online shoppers to fraudulent sites that can steal their credentials, financial information and other sensitive data.

One new campaign targets “returns” or “order cancellations” related to Prime Day using a fraudulent site, www.amazoncustomersupport[.]net, that mimics a legitimate Amazon site. However, closer examination of the site shows it is clearly designed to defraud consumers, researchers noted.

vulnerabilities web security amazon amazon prime bolster research consumers covid-19 credential theft malicious websites online retailers online security online shopping phishing prime day

What is Geek Coin

What is GeekCash, Geek Token

Best Visual Studio Code Themes of 2021

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Holiday Shopping Craze, COVID-19 Spur Retail Security Storm

Veracode's Chris Eng discusses the cyber threats facing shoppers who are ... Holiday Shopping Craze, COVID-19 Spur Retail Security Storm.

Experts Weigh in on E-Commerce Security Amid Snowballing Threats

Experts Weigh in on E-Commerce Security Amid Snowballing Threats. How a retail sector reeling from COVID-19 can lock down their online systems to prevent fraud during the upcoming holiday shopping spike. ... But experts are warning retailers not to focus only on one threat or on protecting one particular system.

Account Takeover Fraud Losses Total Billions Across Online Retailers

Account takeover (ATO) attacks are on the rise, and in fact have become a go-to attack of choice cybercriminals of all stripes. In fact, in 2019 alone, ATO attacks cost consumers and e-commerce retailers a whopping $16.9 billion in losses.

Phishing Lures Shift from COVID-19 to Job Opportunities

Fortinet researchers are seeing a pivot in the spear-phishing and phishing lures used by cybercriminals, to entice potential job candidates as businesses open up.

Amazon-Themed Phishing Campaigns Swim Past Security Checks

A pair of recent campaigns aim to lift credentials and other personal information under the guise of Amazon package-delivery notices.