Check Point researchers have issued warning to Amazon’s 150M prime members, as they spot surges in malicious domains designed to imitate Amazon ahead of its annual online shopping event, Amazon Prime Day.
According to report available to TechEconomy.ng, hackers are crafting domains with the words “Amazon” and “Prime” in order to trick consumers into giving up their personal details.
- In the last 30 days, domains registered containing the word “Amazon” increased by 21%. 28% of those are malicious. 10% are suspicious.
- In the last 30 days, the number of domains registered containing the words “Amazon” and “Prime” has doubled within the last 30 days, with 20% of those domains being malicious
- Prime Day will run from October 13-14 for members in the US, UK, UAE, Spain, Singapore, Netherlands, Mexico, Luxembourg, Japan, Italy, Germany, France, China, Canada, Belgium, Austria, Australia, Turkey, and Brazil.
Hackers register domains similar to the brands consumers trust in order to lure online shoppers into revealing their personal information, such as credit card information, names, birthday, email and physical addresses, and other details often exchanged in an online purchase.
The attack method falls into the category of what is known as a phishing attack.
These occur when a hacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message or text message.
Recipients are then tricked into clicking a malicious link, which can result in installation of malware, ransomware attacks or the extraction of sensitive information.
Speaking on the report, Check Point’s Data Threat Researcher, Omer Dembinsky, said:
“We’re sounding the alarm bells, as we’re seeing unusually high surges of malicious domains attempting to imitate the e-commerce giant at this time. Before Amazon Prime Day, create a strong password, don’t overshare personal details on your profile, and watch for any misspelling of Amazon.com as you shop from page to page. On Amazon Prime Day, triple check if you are actually on Amazon.com. The revelation is clear: as consumers gear up for Prime Day, so are hackers. One wrong click can lead to all your personal information getting out there.”