Amazon Prime Day: A High-Value Target for Phishing, Credential Theft

essidsolutions

For e-commerce platforms, phishing and credential harvesting attacks are a given, especially during the holiday season. But in a digital-only world, as more people turn to online shopping, online retail giant Amazon has become a high-value target for phishers, Mimecast finds.

Amazon remains one of the favorite brands for phishers and scammers, especially around the holiday season, according to cloud cybersecurity vendor Mimecast. The multinational retailer maintains a presence in 14 of the 20 biggest world economies, so it is not all that surprising that 197 new phishing websites popped up in the couple of weeks preceding Amazon Prime Days on October 13 and 14.

As of October 2020, Amazon remains one of the top 10 brands used in phishing attacks. With digital spending rising, phishing attacks against Amazon customers grew 4% in October, up from 1% in April, pushing the retailer up one place to #9 in the list.

The surge in phishing attacks can be attributed to the following factors:

  • A rise in digital spending  
  • Brand value
  • Major sale days, holidays, and other events

Matthew Gardiner, Principal Security Strategist at Mimecast, says cybercriminals have a long history of leveraging holidays, global events, pandemics, as well as major company promotions to “goose their money-making schemes.”

 “They love to glide in the slipstream that others create,” he said.

An analysis of data around such holidays, sales, or events reveals how much impact they have. Cybersecurity vendor Webroot found that phishing attacks targeting Amazon during Prime Day were up 64% in October versus September. For a year-over-year (YoY) comparison, phishing attacks targeting Amazon were up 110% in October 2020 versus October 2019.

Though Black Friday is a week away, Webroot’s data shows that, as of November 15, average daily phishing attacks had jumped 45%.


Amazon-Based Phishing Sites

Mimecast discovered 197 live web pages imitating Amazon.com to bait users. These pages should be on your blocklist.

Some of the sites include:

  1. https://user-amazon.u1k.cc/MkW41Ob5EjUvIH92/4ohjUOegl0wYu/wCi6yUZz0aP/klL5dirtx/1
     Has a fake login page imitating Amazon’s. This site targets Amazon customers in Japan and is registered under ‘.cc’, the country code of the Cocos (Keeling) Islands, an Australian external territory with only 600 inhabitants.

  2. http://amazonprime-italia.it/amazon/
     Based on WordPress and targets Italian users of Amazon.

  3. http://amazon-prime.online/
     So far contains only HTML and JavaScript code.

A quick scan of these sites by VirusTotal delivered mixed results. Only six of the 41 engines rated the first as a phishing site, while another engine rated the third site as a phishing website.
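Since so few engines flagged these pages, a local check for the brand name in hostnames outside Amazon's own domains can catch such lookalikes in proxy or DNS logs before reputation feeds do. The following is an added example, not code from Mimecast or the original article; the allowlist, the function names and the sample URLs marked as constructed are assumptions.

```python
from urllib.parse import urlsplit

# Assumption: a small allowlist of genuine Amazon domains; extend it as needed.
LEGIT_DOMAINS = {"amazon.com", "amazon.co.jp", "amazon.it"}
BRAND = "amazon"

# Hostnames of the three sites listed above, plus constructed test cases.
SAMPLE_URLS = [
    "https://user-amazon.u1k.cc/",             # from the list above (path dropped)
    "http://amazonprime-italia.it/amazon/",    # from the list above
    "http://amazon-prime.online/",             # from the list above
    "https://www.amazon.com/gp/prime",         # constructed: genuine host
    "https://WWW.AMAZON.CO.JP:443/",           # constructed: case and port
    "http://amazon.com.login.example/signin",  # constructed: legit name as prefix
    "https://example.org/?q=amazon",           # constructed: brand only in query
]

def host_of(url):
    """Return the lower-cased hostname without port or trailing dot, or None."""
    try:
        host = urlsplit(url if "://" in url else "//" + url).hostname
    except ValueError:  # malformed authority, e.g. a broken IPv6 literal
        return None
    return host.rstrip(".").lower() if host else None

def is_legit(host):
    """Suffix match on whole labels, so 'amazon.com.login.example' fails."""
    return any(host == d or host.endswith("." + d) for d in LEGIT_DOMAINS)

def flag_lookalikes(urls):
    """Return sorted hostnames that carry the brand name outside the allowlist."""
    flagged = set()
    for url in urls:
        host = host_of(url)
        # Only the hostname is inspected; paths and query strings are ignored.
        if host and BRAND in host and not is_legit(host):
            flagged.add(host)
    return sorted(flagged)

if __name__ == "__main__":
    for name in flag_lookalikes(SAMPLE_URLS):
        print("review/block:", name)
```

A substring match of this kind will also flag unrelated hostnames that happen to contain the brand name, so treat hits as candidates for review rather than as automatic blocks.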

Mitigating the Threat of Phishing and Credential Theft

Claire Umeda, Former Vice President of Marketing at 4iQ, told Toolbox how users could avoid phishing bait.

“Often times, these scams are fairly conspicuous. They attempt to create a sense of urgency and trick victims into unwittingly installing malware or giving up their personal information. Phishing campaigns yield low results, but this is a volume game for these persistent cybercriminals,” she said.

For a frame of reference, Amazon account credentials of a single user fetch over $30 for phishers.

Before clicking on an email, a link, or submitting sensitive information, users ought to keep in mind the following:

  • Check if the email/website is poorly written
  • Consider whether the sender looks legitimate
  • Keep an eye out for the language. Phishers generally intimidate with fear-based language
  • Ask whether you are being asked to click on a link or attachment
  • Get in touch with the service’s customer support if you’re asked for sensitive information
