Increase in Phishing Attacks Amid Amazon Prime Day
- Andrés Buenahora
- Oct 26, 2020
Bolster research recently analyzed “hundreds of millions of web pages and tracked the number of new phishing and fraudulent sites using the Amazon brand and logos” prior to Amazon Prime Day. The study found a considerable increase in the number of phishing and hacking attacks observed each month since August, the biggest since March, amid COVID-19.
Bolster CTO, Shashi Prakash said that "The huge spike in phishing and fraud sites in September is a strong indication that cybercriminals will be active and trying to profit from the Prime Day frenzy. Shoppers need to stay alert to avoid giving up their personal information or buying products on fraudulent sites for things they will never receive. The best way shoppers can protect themselves is by understanding how to discern safe, secure activity from concerning warning signs that sites are fraudulent to avoid scams."
Tom Pendergast, Chief Learning Officer at MediaPro, a Seattle, Washington-based provider of cybersecurity and privacy education, echoed a similar sentiment. Pendergast warned of the importance of people preparing themselves for “another wave of phishing and online fraud? Because it’s coming and you can hardly miss it, thanks to Amazon’s ubiquitous promotion of Prime Day. It won’t be Amazon doing the scamming—it will be the same folks who take advantage of every other thing that excites us, scares us, or moves us to flock online in droves.” Pendergast also emphasized that, as is commonplace during other significant periods of the year, such as tax season, a presidential election, and most recently, the rapid spread of COVID-19, Amazon Prime Day is likely to attract many cybercriminals who create intricate traps that take advantage of consumer enthusiasm for phishing purposes. These scams may be designed to appear to come from Amazon itself but ultimately manipulate unsuspecting shoppers into giving up their data.
Another expert in the field, Brandon Hoffman, Chief Information Security Officer at Netenrich, a San Jose, Calif.-based provider of IT, cloud, and cybersecurity operations and services, called Amazon Prime Day a “unique opportunity for cybercriminals because there will be a massive focus on special deals. This creates a situation where people may be scrambling to get a special deal on something and may allow them to overlook common suspicious activity. Another consideration is that Amazon security teams will likely be on high alert for fraudulent activity but that may overshadow some other standard areas of focus leaving a blindspot for less overt tactics against Amazon directly. Specifically malvertising links for Amazon deals that lead to malware or phishing attempt offering early access or special deals." The likelihood of this occurrence is further exemplified by Lookout Senior Manager, Hank Schless’s recognition of “a massive spike in COVID-19-related scams when the pandemic first broke out. So it makes sense that there would be a spike in Amazon-related URLs, especially at a time when online shopping has become the primary way people are purchasing things."
To put this into perspective, at the start of the coronavirus pandemic, the aforementioned software company, Lookout, witnessed a 37% increase in mobile phishing attacks, with the vast majority of these attacks being disguised as COVID-19 relief funds or medical programs. Because people today shop on their iPhones, iPads, and other mobile devices more than ever before, cybercriminals and hackers are not only aware of this but often use this information to target phishing attacks through SMS messaging and social media platforms. Schless added that scenarios like these are believable and can easily trick people because “phishing campaigns based on something like Prime Day are built to mimic those communications. We’re programmed to interact quickly with notifications on our mobile devices.”
Add to this the fact that mobile devices have naturally smaller screens and a quicker, more simplified user experience, and it is often difficult to spot the typical red flags that warn of a potential scam or phishing attack. One of the most common of these scams is reported to be a campaign in which a fake SMS message is sent to users, posing as a local delivery service attempting to deliver a package. When users are given the option to track their package, or are asked to identify themselves, the link provided for them to click on is actually a method of collecting private data such as a credit card number or personal information.
When it comes to being aware of these scams and taking the necessary precautions to protect oneself in such situations, WhiteHat Security principal security engineer, Ray Kelly noted that “Social engineering remains a common method for attackers. Humans are often the weakest link in the security chain. Always think before you click. Take a moment to ask yourself, does this look like a real email? If it has an embedded link or attachment, those are the first things that should set off warning signals," Durbin notes. "Is this a site that you’ve seen before? It is far better to use a well-known brand or one you or colleagues, family, or friends have used in the past. These are questions you need to ask yourself.” This same strategy was reiterated by Schless who urged users to “protect yourself from mobile phishing attacks [by] never tap[ping] a link from a number or person you don’t recognize. If possible, contact the sender and validate the communication before interacting with the link.”
This particular spike in the number of phishing attacks during Amazon Prime Day, extensive research on the subject, and specific recommendations from industry experts epitomize the significance of cybersecurity and consumers protecting themselves from potential scams. Hoffman further added that people should “exercise caution and operate specifically within the Amazon website or the Amazon apps as opposed to clicking on banner ads or emails unless the email has been vetted or verified.” Going forward, it would be pertinent to follow Hoffman’s guidance as well as that of the other professionals mentioned above, to best ensure the prevention of phishing attacks in the future.




