We could all use some cheering up right now, and what’s better than finding a good bargain? Next week, over 1 million items, many of them of big-name retailers, will be available at a significant discount through Amazon Prime, which is holding its traditional and annual two-day shopping event.
Originally slated for July, Amazon Prime Day was postponed due to the pandemic, just like every other exciting event in our lives lately.
But this morning, just days before we rush to provide our credit card information, a distressing warning was issued after cybersecurity experts discovered that over 150 million Amazon Prime members are now at risk.
According to Check Point researchers, they have been removing an unusually high number of malicious domains designed to imitate Amazon ahead of the annual online shopping event. These malicious domains try to come across as the e-commerce giants by including the words “Amazon” and “Prime” in their website, and in that way trick consumers into providing their personal details.
Over the last 30 days, there was a 21%” increase In the registration of domains containing the word “Amazon,’’ they claim 28% of those are malicious and 10% are suspicious. The number of registered domains that contain the words “Amazon” and “Prime” has doubled, and 20% of those domains are malicious.
“This year, we have seen a significant surge in hacker interest around Amazon. In the first quarter of this year, Amazon made up only 1% of all brand phishing attacks. In the second quarter of this year, Amazon rose to the very top of most imitated brands by hackers, alongside Google,” says Maya Levine, Security Engineer at Check Point. “This trend is expected to continue, especially with Amazon Prime Day coming up. Shoppers should be especially wary of browsing to fraudulent sites. Our research indicates that web browsers were targeted in 61% of all phishing attacks in the second quarter. “
The attack strategy is known as phishing: the hacker masquerades as a trusted entity dupes a victim into opening an email, instant message, or text message. Recipients are then tricked into clicking on a malicious link, which can result in the installation of malware, ransomware attacks, or the extraction of sensitive information. This way, the hacker can simply register domains similar to the brands’ consumers’ and lure them into a situation in which they reveal their personal information.
“We’re sounding the alarm bells,” says Check Point’s Data Threat Researcher, Omer Dembinsky. “As consumers gear up for Prime Day, so are hackers. One wrong click can lead to all your personal information getting out there.”
Where hackers lurk, precautions should be taken and there are steps we can all take to stay safe when we look for that great new bargain.
Start by identifying misspellings or sites using a different top-level domain other than Amazon.com. “For example, a .co instead of .com. Deals on these copy-cat sites may look just as attractive, but this is how hackers fool consumers into giving up their data.” Make sure you only make your purchases on websites with the secure sockets layer (SSL) encryption installed. “To know if the site has SSL, look for the “S” in HTTPS, as opposed to HTTP. An icon of a locked padlock will appear, typically to the left of the URL in the address bar or the status bar down below. No lock is a major red flag.”
You can also use this opportunity to finally change that old password. “Make sure your password for Amazon.com is uncrackable, well before October 14.”
One of the most important things to remember, according to the Israeli cybersecurity giant, is, in the spirit of the COVID era, not to go public. “Please refrain from using any public wi-fi to shop on Amazon Prime Day. Hackers can access what you are looking at on the web. This can include emails, payment details, browsing history, or passwords.”
Remember, even if we do plan on getting better deals than ever, be mindful. Sometimes too good is not so good at all. “This will be tough to do, as Prime Day is filled with great offers. Go with your gut feeling. An 80% discount on the new iPad is usually not a reliable or trustworthy purchase opportunity.” When you have found the ideal deal and you are ready to pay, use only your credit cards, not the debit card, which provides details of your bank account.
Prime Day will run from October 13-14 in the US, UK, UAE, Spain, Singapore, Netherlands, Mexico, Luxembourg, Japan, Italy, Germany, France, China, Canada, Belgium, Austria, Australia, Turkey, and Brazil. Enjoy your safe shopping.