ADVERTISEMENT
TechEconomy
Friday, June 6, 2025
No Result
View All Result
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
      • Accessories
      • Phones
      • Laptop
      • Gadgets and Appliances
      • Apps
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
      • Broadband
    • Mobility
    • Environment
    • Travel
    • Commerce
    • StartUPs
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • Appointment
    • EventDIARY
    • Editorial
  • Apply
  • TecheconomyTV
  • Techeconomy Events
  • BusinesSENSE For SMEs
  • TBS
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
      • Accessories
      • Phones
      • Laptop
      • Gadgets and Appliances
      • Apps
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
      • Broadband
    • Mobility
    • Environment
    • Travel
    • Commerce
    • StartUPs
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • Appointment
    • EventDIARY
    • Editorial
  • Apply
  • TecheconomyTV
  • Techeconomy Events
  • BusinesSENSE For SMEs
  • TBS
No Result
View All Result
Tech | Business | Economy
No Result
View All Result
Podcast

Home » Amazon Prime Day or Amazon Crime Day? Don’t Fall Victim to Phishing, Warns Check Point Software

Amazon Prime Day or Amazon Crime Day? Don’t Fall Victim to Phishing, Warns Check Point Software

Techeconomy by Techeconomy
July 11, 2022
in Security
0

RelatedPosts

Why Nigeria Must Embrace AI-Powered Cybersecurity Now

Why Nigeria Must Embrace AI-Powered Cybersecurity Now

June 5, 2025

Sophos Updates its Firewall Software to Enhance Protection, Incident Response Capabilities

June 5, 2025

Kicking off July 12th, the annual Amazon shopping extravaganza, as always, is promised to be bigger and better with more cash savings and offers on goods.

Key Highlights

  • This year, during the first few days of July, Check Point Research (CPR) has already witnessed a 37% increase in daily Amazon-related phishing attacks compared to the daily average in June
  • Last year during the month of Amazon Prime Day (June 2021) we witnessed an 86% increase in phishing emails relating to the occasion, and a 16% increase in phishing URLs compared to the previous month
  • During June 2022, there were almost 1,900 new domains related to the term “amazon” of which 9.5% were found to be risky – either malicious or suspicious
  • CPR provides examples of malicious impersonations of Amazon Customer Service, as well as a log-in page for Amazon Japan

Online shoppers are already on the hunt for one-time offers or once-a-year deals and are closely monitoring the web for upcoming surprises.

Clearly tracking this trend, cybercriminals are also sharpening their own upcoming surprises and gearing up to exploit the excitement of shoppers.

Of course, Amazon-related phishing occurs all year long, and the company is often in the top imitated brands yet there is always an increase in activity around Prime Day.

CPR is closely monitoring for cyber threats related to the day, both in the weeks leading to it and during the event itself, and has already found alarming signs of malicious phishing campaigns and fake websites.

Phishing shoppers through emails and fake URL’s

During the first week of July, CPR witnessed a 37% increase in daily Amazon-related phishing attacks, compared to the daily average in June.

The team also found approximately 1,900 new domains containing the term ‘amazon’ and 9.5% of these were found to be risky, either malicious or suspicious.

In the weeks prior to Prime Day 2021, CPR discovered 2,303 new Amazon-related domains with most of them (78%) found to be risky. Our researchers believe that this decrease could partly be explained by cybercriminals not always having the full term “amazon” included in the domain being registered for phishing purposes to avoid detection.

Furthermore, these cybercriminals might leverage these domains for a later use, and do not want them to contain content that could be deemed malicious. 

‘Phishing URLs’ are webpages that impersonate legitimate Amazon pages.

They look exactly like the real thing and within it, they request users to provide information, usually credentials.

Emails are the most common medium that phishers use to deliver malware or steal private information.

Example 1:

The following email allegedly informs the customer of a canceled order due to payment issues. However, it contained an ISO file attachment, which when opened would have left an executable dropper malware on the recipient’s computer.

From: “Amazon Customer Support” <mail@amazonsupportlink.com>

Subject: Order Canceled Unpaid INV #XXXXXXXXX

Amazon Prime Day - Don’t Fall Victim to Phishing
Advertisements
MTN ADS

Example 2:

The following email, which is targeting Amazon Japan customers, asks the recipient to click a link to approve a payment method. This link in fact leads the victim to a fake login site (michaelcarunchiodmd[.]com/jp) imitating the real website. The site is currently inactive.

From: Amazon (xg@jkhhwbfa.com)

Subject: Amazon.co.jp: Your payment method is not approved # XXX-XXXXXXX-XXXXXXX

Amazon Prime Day - Don’t Fall Victim to Phishing
Amazon Prime Day - Don’t Fall Victim to Phishing

How to Recognize Phishing Emails

Phishers use a wide range of techniques to make their malicious emails look legitimate but if you are aware of these techniques, you will be able to identify – and avoid – a phishing attack. These are some of the most used techniques:

Fake Domains

One of the most common techniques used in phishing emails are lookalike or fake domains that appear to be a legitimate or trusted domain at a casual glance. For example, instead of the email address boss@company.com, a phishing email may use boss@cornpany.com or boss@compаny.com.

The first email substitutes rn for m and the second uses the Cyrillic а instead of the Latin a. While these emails may look like the real thing, they belong to a completely different domain that may be under the attacker’s control.

Phishers may also use fake but plausible domains in their attacks. For example, an email claiming to be from Netflix may be from help@netflix-support.com. While this email address may seem legitimate, it isn’t necessarily owned by or associated with Netflix.

Incorrect Grammar or Tone

Often, phishing emails are not written by people fluent in the language. This means that these emails can contain grammatical errors or otherwise sound wrong. Real emails from a legitimate organization are unlikely to have these mistakes, so they should be a warning sign of a potential phishing attack.

Another thing to look out for is emails with the wrong tone or voice. Companies, colleagues, etc. talk and write in a certain way.

If an email sounds too formal or too informal, stilted, or otherwise odd given its sender, then it might be a phishing email.

Unusual Attachments

A common goal of phishing emails is to trick the recipient into downloading and running attached malware on their computer. For this to work, the email needs to carry a file that is capable of running executable code.

As a result, phishing emails may have unusual or suspicious attachments. For example, a supposed invoice may be a ZIP file or an attached Microsoft Office document may require macros to be enabled to view its content. If this is the case, it is probable that the email and its attachments are malicious.

Psychological Tricks

Phishing emails are designed to convince the recipient to do something that is not in their best interests (giving away sensitive information, installing malware, etc.). To accomplish this, phishers commonly use psychological tricks in their campaigns, such as: 

  • Sense of Urgency: Phishing emails commonly tell their recipients that something needs to be done right away. This is because someone in a hurry is less likely to think about whether the email looks suspicious or is legitimate.
  • Use of Authority: Business email compromise (BEC) scams and other spear-phishing emails commonly pretend to be from the CEO or someone else in authority. These scams take advantage of the fact that the recipient is inclined to follow orders from their bosses.
  • Fear and Blackmail: Some phishing emails threaten consequences (such as revealing allegedly stolen sensitive data) if the recipient doesn’t do what the attacker says. The fear of embarrassment or punishment convinces the recipient to comply.

Phishers have extensive experience in using psychology to achieve their goals. If an email seems coercive in any way, it might be a phishing attack.

Suspicious Requests

Phishing emails are designed to steal money, credentials, or other sensitive information. If an email makes a request or a demand that seems unusual or suspicious, then this might be evidence that it is part of a phishing attack.

What to Do if You Suspect a Phishing Attack

The impact and cost of a phishing attack on an organization depend on the speed and correctness of its response. If you suspect that an email may be a phishing email, take the following steps: 

  1. Don’t Reply, Click Links, or Open Attachments: Never do what a phisher wants. If there is a suspicious link, attachment, or request for a reply don’t click, open, or send it.
  2. Report the Email to IT or Security Team: Phishing attacks are commonly part of distributed campaigns, and just because you caught the scam doesn’t mean that everyone did. Report the email to the IT or security team so that they can start an investigation and perform damage control as quickly as possible.
  3. Delete the Suspicious Email: After reporting, delete the suspicious email from your inbox. This lessens the chance that you’ll accidentally click on it without realizing it later.

How to Protect Against Phishing Emails

Phishing emails are one of the most common types of cyberattacks because they are effective and easy to perform.

While awareness of common phishing tactics and knowledge of anti-phishing best practices is important, modern phishing attacks are sophisticated enough that some will always slip through. 

Also, Check Point Harmony Email & Office provides visibility and protection across email phishing techniques.

Loading

Author

  • Techeconomy
    Techeconomy

    View all posts
0Shares
Tags: Prime DayPrime Day phishing
Previous Post

SAS Acquires Kamakura to Propel Risk Technology Innovation

Next Post

SAS in South Africa Appoints Essie Mokgonyana as new Country Manager

Techeconomy

Techeconomy

Related Posts

Why Nigeria Must Embrace AI-Powered Cybersecurity Now
Security

Why Nigeria Must Embrace AI-Powered Cybersecurity Now

by Techeconomy
June 5, 2025
0

As someone who recently analyzed TSAN’s performance on industry-standard datasets like NSL-KDD, I found that it consistently outperformed older detection...

Read more
Sophos Launches New XGS Series of Desktop Firewalls

Sophos Updates its Firewall Software to Enhance Protection, Incident Response Capabilities

June 5, 2025
Aminu Maida and Judiciary | Cybersecurity Framework

NCC Unveils Cybersecurity Framework to Strengthen Nigeria’s Digital Space

June 5, 2025
Phishing, vishing, and smishing attacks

How to Spot Phishing, Vishing and Smishing

June 4, 2025
SMS Scams on the rise

SMS Scams Surge 73% | Data Finds Key Trends

June 2, 2025
IHS Nigeria and Tower sites security

IHS Nigeria Commissions 65 Patrol Vehicles to Enhance Telecoms Tower Site Security

June 2, 2025
Next Post

SAS in South Africa Appoints Essie Mokgonyana as new Country Manager

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Techeconomy Podcast

Techeconomy Podcast
Techeconomy Podcast

Infowave is brought to you by TechEconomy. Every week we will bring new stories from startups and influencers who are shaping and changing the world we live in. We’ll also bring you reports on topics you should know.

Follow us @techeconomyng for more.

TECH TALK EPISODE 2
byTecheconomy

PRODUCTIVITY AND WORK-Life Balance

TECH TALK EPISODE 2
TECH TALK EPISODE 2
May 22, 2025
Techeconomy
CYBERSECURITY ESSENTIALS
April 24, 2025
Techeconomy
Digital Marketing Trends and strategies for 2025 and beyond
February 27, 2025
Techeconomy
Major Lesson for Techies in 2024 and Projections for 2025
December 6, 2024
Techeconomy
Major Lessons for Techies in an AI-Driven World | Techeconomy Business Series Highlights
November 26, 2024
Techeconomy
Maximizing Profitability Through Seasonal Sales: Strategies For Success
November 8, 2024
Techeconomy
Techeconomy Business Series
October 15, 2024
Techeconomy
PRIVACY IN THE ERA OF AI: GETTING YOUR BUSINESS READY
May 30, 2024
Techeconomy
Unravel the Secrets of Marketing Everywhere All At Once with Isaac Akanni from Infobip | Infowave Podcast Episode 1
February 9, 2024
Techeconomy
The Role of Ed-tech in Life Long Learning and Continuous Education
October 19, 2023
Techeconomy
Search Results placeholder

WHAT IS TRENDING

https://www.youtube.com/watch?v=g_MCUwS2woc&list=PL6bbK-xx1KbIgX-IzYdqISXq1pUsuA4dz

Follow Us

  • About Us
  • Contact Us
  • Careers
  • Privacy Policy

© 2025 Techeconomy - Designed by Opimedia.

No Result
View All Result
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
      • Accessories
      • Phones
      • Laptop
      • Gadgets and Appliances
      • Apps
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
      • Broadband
    • Mobility
    • Environment
    • Travel
    • Commerce
    • StartUPs
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • Appointment
    • EventDIARY
    • Editorial
  • Apply
  • TecheconomyTV
  • Techeconomy Events
  • BusinesSENSE For SMEs
  • TBS

© 2025 Techeconomy - Designed by Opimedia.

Translate »
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.