During Amazon Prime Day in 2024, social engineering attacks take center stage -

Post Views: 134

During Amazon Prime Day in 2024, social engineering attacks take center stage

An astounding 85% of the 2024 domains connected to Amazon were reported as suspicious or malevolent.

July 16–17 is Amazon Prime Day, and it can be a terrific opportunity to get discounts on some of your favorite Amazon products. Nevertheless, cybercriminals are waiting in the shadows to steal your credentials while you shop.

Cybercriminals are working hard to steal your personal information, which they will use for evil intentions, while you are snatching up the best deals. Cybercriminals will attempt to obtain your usernames, passwords, and even financial information through phishing and other social engineering attacks.

They will do this by sending malicious emails or by fabricating fake websites that look like they are official Amazon websites. If you have a tendency to reuse usernames or passwords and do not use multi-factor authentication, this stolen information could then be used to defraud you by gaining access to your bank accounts and possibly hacking into your accounts (MFA).

Malicious Amazon Sites

The cybersecurity solutions provider Check Point Software Technologies (Check Point) revealed that there has been a concerning rise in the number of phony domains linked to the Amazon brand.

More than 1,200 new domains were registered in June 2024, and 85% of them had malicious intent.

The business listed a few instances of phony Amazon websites to stay away from on Prime Day since their sole purpose is to collect personal data:

amazon-onboarding[.]com: This is a fresh domain that is intended to pilfer credentials connected to carriers.
amazonmxc[.]shop: This store poses as Amazon Mexico and uses a layout resemblance. Nevertheless, when you type in your login credentials, fraudsters take note of them.
amazonindo[.]com: Scammers gather your credentials when you enter them in the upper right-hand corner, just like on the phony Amazon Mexico domain.

The cybersecurity solutions provider discovered 25 fictitious domains that are used to steal users’ personal data. Due to Amazon Prime Day’s immense popularity and ability to draw in millions of users from around the globe, an increasing number of people are at risk of falling victim to scams this year.

According to Check Point, in 2023, Prime members saved almost $2.5 billion on a variety of deals while making roughly 375 million purchases globally. But it also makes room for various forms of social engineering attacks, which are getting more and more realistic.

Phishing Attempts

Phishing and social engineering attacks come in a variety of forms. Check Point, however, discovered two distinct attempts to defraud consumers of their personal data by threatening to suspend or ban their accounts.

By instilling a sense of urgency, the phishers force the user to act quickly and without giving it enough thought. Users are then prompted to enter their bank details, usernames, and passwords on the phony Amazon website.

How to avoid scammers?

Check URLs: Verify that the URLs lead to a reputable website. Watch out for URL misspellings and sites that use a different top-level domain.
Use Strong Passwords: Make sure you use strong passwords for all of your accounts, including your Amazon account, to prevent hacking.
Employ Multi-Factor Authentication (MFA): Use MFA, such as biometric authentication, in addition to strong passwords to help secure your accounts.
Spot the HTTPS: Verify that the URLs begin with “https://” to ensure a secure browsing experience. This protects data transmitted between the web browser and the website.
Avoid Sharing Personal Information: Aim to keep as much of your personal data offline as you can, particularly private data like your date of birth, Social Security number, and financial information.
Think Before You Click: Check to make sure an email or link is authentic before clicking on it since it could be malicious.
If it’s too good to be true, don’t fall for it: Stay away from dubious deals, offers, and benefits by following your instincts. It’s probably not real if it seems too good to be true.
Use Credit Cards Over Debit Cards: When making payments online, credit cards provide an extra degree of security because they limit liability in the event that user credentials are stolen.

About The Author

Suraj Koli is a content specialist in technical writing about cybersecurity & information security. He has written many amazing articles related to cybersecurity concepts with the latest trends in cyberawareness and ethical hacking. Find more about Suraj Koli.

READ MORE ARTICLE HERE