As Amazon Prime Day 2025 approaches on July 8th, shoppers worldwide are eagerly preparing their wish lists for the big savings event. But this busy shopping period also attracts hackers. Cybercriminals are actively deploying phishing attacks and creating fake domains designed to deceive consumers.
Security researches at Check Point Research in a recent report found in June alone, over 1,000 new domains with names similar to Amazon’s appeared online, with 87% flagged as suspicious or malicious. Many of these domains, about one in every 80, incorporate terms like Amazon and Prime. These fake sites are crafted to imitate Amazon’s official portals, aiming to steal user login credentials, personal information, or even commit identity theft and gift card fraud.
Cybercriminals use two primary tactics to target shoppers during high-stakes events like Prime Day:
Fake Domains
Websites that mimic Amazon’s login or checkout pages to deceive users into entering their credentials.
Phishing Emails
Messages designed to create a sense of urgency, such as “refund errors” or “account issues,” encouraging recipients to click malicious links.
For example, researchers identified domains like Amazon02atonline51[.]online and amazon-2025[.]top often targeted at specific countries or regions that imitate Amazon’s login pages and collect user credentials.
They also recently intercepted a phishing campaign that spoofed Amazon. One email used the subject “Refund Due – Amazon System Error” and appeared to come from Amazon, urging recipients to click a link to update their address” which led to a fake Amazon login page crafted to steal credentials.
With these threats on the rise, it’s crucial to adopt safe online habits. Here are some essential tips:
- Verify URLs Carefully – Always check the website’s URL for authenticity. Look out for slight misspellings, unusual domain extensions, or hyphenated brand names.
- Check for HTTPS and the Padlock – Ensure the site uses HTTPS and displays a padlock icon, but remember to verify the URL itself, as some malicious sites can fake security indicators.
- Be Wary of Email Links – Hover or long-press links to view them before interacting with. Or instead of clicking links in emails, open your browser and navigate directly to the site such as www.amazon.com or their official app.
- Use Strong, Unique Passwords & Enable Two-Factor Authentication (2FA) – Protect your account with strong, complex passwords and add an extra layer of security with 2FA.
- Be Wary of Urgency and Unrealistic Deals – Scammers often create a false sense of urgency or promote deals that seem too good to be true. Stay cautious and trust your instincts.
- Utilize Security Software – Tools like CheckPoint’s Zone Alarm, or Malwarebytes, are great options for protecting devices in your home or small business.
Prime Day offers fantastic opportunities for savings, but it’s also a prime time for cybercriminals to launch scams. Being vigilant, cautious, and informed can help ensure your shopping experience remains safe and enjoyable. Remember: shop smart, stay alert, and don’t let cybercriminals turn your shopping spree into a nightmare.
Leave a Reply