Watch Out for These Prime Day Scams

When Amazon's yearly Prime Day sale begins this week, numerous individuals will be searching for exceptional bargains. However, the tech behemoth and cybersecurity professionals caution that con artists will also be aiming to exploit the occasion to unlawfully obtain customers' financial resources and personal data.

Before the enormous sale kicks off on Tuesday, security experts from the cybersecurity company Check Point have reported a significant surge in Amazon Prime-related phishing scams detected by their technology. In June alone, the number of these malicious campaigns observed by their systems witnessed a substantial increase of 16 times compared to the previous month.

Certain fraudulent emails claim that the receiver's Prime subscription has been temporarily suspended due to a payment complication, whereas others insist on updating their profile or risk account suspension. These deceitful messages aim to acquire individuals' credit card details or gain access to their Amazon account credentials.

Furthermore, the team of Check Point researchers also discovered an additional 1,500 domains linked to Amazon, with the majority of them exhibiting suspicious or fraudulent characteristics.

In the meantime, Amazon highlighted a range of fraudulent emails and text messages received by its security team, which bear resemblance to shipping updates, order verifications, and account issues.

All of that could spell trouble for shoppers who may act impulsively without considering the consequences when they tap on a hyperlink in an unexpected email or text message. Consequently, they can fall victim to a scam where they unknowingly disclose their personal or financial details to a fraudulent website, inadvertently becoming prey instead of snagging a fantastic bargain.

The occurrence of deceitful schemes, in which cybercriminals deceive unsuspecting individuals by posing as genuine businesses, is increasing and not limited to Amazon. As per the Federal Trade Commission's report, these fraudulent activities resulted in American consumers losing a staggering $660 million in the previous year. This amount has escalated from $453 million in 2021 and $196 million in the preceding year.

Besides pretending to be online stores like Amazon, fraudsters also attempted to present themselves as technical support for corporations like Microsoft, delivery companies like UPS, and representatives from government organizations such as the IRS.

Scott Knapp, the director of global buyer risk prevention at Amazon, claims that his company is constantly battling against online criminals who try to pretend to be Amazon for malicious purposes.

In the previous year, Amazon announced that it took action against over 20,000 phishing websites and 10,000 phone numbers which were being utilized for impersonation schemes. Additionally, it reported numerous alleged cybercriminals to law enforcement agencies in different countries.

According to Knapp, the company has also established robust connections with law enforcement and governmental organizations throughout the years, which aid in their efforts to fight against phishing operations and fraudulent online platforms.

In the case of SMS or text-driven initiatives, Amazon has the ability to gather reported phone numbers, examine them, bundle them up, and dispatch them to the Federal Communications Commission. As a result, the FCC takes swift action to have those numbers removed.

However, it's a continuous and challenging struggle.

According to Knapp, they have a skill for generating fresh phone numbers that surpasses our capacity to effectively remove them at times. He mentioned their collaboration with trade organizations in the field, with the aim of enhancing this situation.

Amazon faces significant pressure in the run-up to Prime Day, as it anticipates a substantial surge in online shopping on its platform and rival retailers' sites with competing sales events. During such instances, customers are aware of the need to swiftly seize the offers, rendering them more vulnerable to fraudulent activities.

Amazon recently detected three scam text messages from cybercriminals attempting to pose as the company.

Nonetheless, it is crucial for customers to pause and ponder, particularly when a sudden "bargain" appears in their email or on their mobile device. The same holds true for notifications resembling order confirmations that you didn't place or alerts suggesting an issue with your account.

Knapp advises to constantly pause before engaging in actions such as clicking, texting, or returning a call to ensure that the message received is coherent.

Safe Prime Day Shopping Tips

Here are a few suggestions provided by Amazon and Check Point on how to ensure your safety when browsing for Prime Day bargains.

Please verify domain names carefully. If a website's URL does not begin with "Amazon.com," it might be counterfeit. The same applies to other e-commerce platforms. Pay attention to any errors in spelling, unusual punctuation, or any other irregularities in the website's address.

When buying products from Amazon, it is advisable to use their official website, application, or physical stores. It is important to note that Amazon will never request payment information via phone calls or emails. Furthermore, they will not require you to make payments through bank transfers or any third-party websites.

Navigate directly to the websites of the retailers. It is recommended to manually enter the URL instead of clicking on suspicious links. In case you receive a notification regarding an order that you do not recall making, avoid clicking on the link and simply go to your Amazon account's "My Orders" section to verify its authenticity.

Ensure you have a strong password and two-factor authentication (2FA) in place. It is crucial to have tough-to-guess passwords when accessing any online shopping platforms. These passwords should be lengthy, distinctive, and completely random. Resisting the temptation to reuse a phenomenal password on multiple accounts is essential. Furthermore, whenever available, activate two-factor authentication. This additional layer of security could be a lifesaver in the unfortunate event that your password becomes compromised.

Approach urgency with skepticism. While many Prime Day bargains come with time restrictions, any proposal that insists on immediate purchase should be examined more carefully. Cyber offenders are counting on your impulsive action before considering the consequences.

Search for the lock. Nowadays, every reputable online store utilizes SSL encryption. You can identify it by the presence of a lock icon at the beginning of the website's address. If this lock symbol is absent, consider shopping elsewhere.

Utilize a debit card. In case of unauthorized transactions, you won't be held responsible for the expenses.

Protect your sensitive information. It's unnecessary for businesses to obtain your Social Security number, date of birth, or any permanent personal details. If they request such information, politely decline.

Notify about fraudulent messages. The majority of email platforms have options to flag and report unsolicited or deceptive content. Untrustworthy SMS messages can be reported by forwarding them to 7726 (SPAM).

If something sounds too good to be true... Yes, we've heard this phrase countless times that it has become a cliché, but any deal that seems unbelievably amazing should be approached with caution, as it is likely to be a scam. If you cannot confirm its authenticity on the company's website, it is best to stay away.