
Image credit: Christian Wiediger

Massive rise in fake Amazon sites ahead of Prime Day: Here’s how to spot them

Australians’ obsession with online shopping shows no sign of slowing. Some eight in ten households made an online purchase last year, according to statistics compiled by Australia Post – “more than ever before”. 

But with cost-of-living pressures front-of-mind, consumers “persistently pursued discounts, focusing on major sales events”. 

While these events are usually thought of as ‘Black Friday’ and ‘Cyber Monday’, a number of others also drive significant spending: notable examples include the Singles Day sales in China, and Amazon Prime Day.

Prime Day has evolved into a week-long sales event for Amazon’s subscription service members in 24 countries, including Australia. Collectively, in 2023, Prime members “purchased more than 375 million items worldwide … making it the biggest Prime Day event in Amazon’s history.” 

But the event has also increasingly attracted the attention of cybercriminals seeking to exploit interest in the sales by stealing the login and payment card details of an unsuspecting portion of would-be bargain hunters.

Ahead of Amazon Prime Day in July 2024, Check Point Research has observed a significant increase in cyberattacks related to the Amazon brand.

During June 2024, more than 1230 new domains associated with Amazon emerged, with 85% flagged as malicious or suspected to be malicious. In addition, 1 out of every 80 new Amazon-related domains identified as malicious or suspicious contains the phrase “Amazon Prime”.

So, while Prime Day offers the potential for incredible savings, it is crucial for Australian Prime customers to remain vigilant, exercise caution while clicking on links or providing sensitive information, and ensure they are navigating legitimate Amazon platforms.

Examples we’ve seen already

Fake sites are designed to mimic the look and feel of the regular Amazon website, but the profile login/registration button in the top right-hand corner, when clicked, collects users’ login credentials. The goal of the cybercriminals behind these fake websites is to collect private information such as usernames, passwords, or payment details.

One of the ways that cybercriminals fool shoppers into visiting their fake sites is by sending a message via email, social media, or other electronic communication means. Cybercriminals use public resources like social networks to gather background information about the shopper, which helps them craft convincing fake messages. 

These messages typically contain malicious attachments or links to the fake websites that appear to be owned by Amazon.

For example, in June, we discovered a widespread phishing campaign mimicking the Amazon brand, particularly targeting the US. The campaign distributed a PDF file with a name like ‘Mail-AmazonReports-73074[264].pdf’, which lures victims by urgently informing them that their Amazon account has been suspended due to mismatched billing information with their card issuer. 

It instructs them to update their payment details through a phishing link that directs them to a fraudulent website. The message threatens closure of the account if immediate action is not taken, creating a sense of urgency to prompt the user to respond quickly, fearing data exposure or account termination as consequences of non-compliance. 

This kind of attack can be especially effective in the lead-up to – and during – the Prime Day sale period, as shoppers have additional incentive to ensure they can log in and transact when a bargain arises.

Practical ways to shop safely

There are a number of practical things that Amazon Prime members can do to avoid these 1230 malicious websites and shop safely.

First, Australian shoppers should carefully check website addresses, and be particularly wary of misspellings or sites that do not end with .com.au. Copycat Amazon sites may end with something like .co instead, and while they may look similar, and may even promise Prime Day bargains, their real intent is to steal login and payment information. In addition to examining the end of the web address, shoppers should ensure that it starts with “https://” and has a padlock icon, indicating a secure connection.

Second, shoppers are advised to use credit cards over debit cards for online shopping as they offer better protection and less liability if stolen.

Third, shoppers should increase vigilance and scepticism around unrealistic deals. If it seems too good to be true, it likely is. This is particularly important when verifying emails that you might be sent promoting Prime Day bargains. Phishing attacks often use urgent language to trick you into clicking links or downloading attachments. 

Shoppers should always attempt to verify the source of the email; however, this may be challenging when dealing with more sophisticated cybercriminals. Having access to a comprehensive anti-phishing solution during big online sales can really help shoppers to keep their email accounts, browsers, devices, and networks secure, by checking the content and technical detail of every email.
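The address check from the first tip can also be applied mechanically to links received by email or message. The Python sketch below is an added example, not code from Check Point or the original article; the trusted-domain list, the verdict names and the sample URLs (all on reserved .example names) are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: only the Australian storefront and its subdomains are trusted.
TRUSTED_DOMAINS = ("amazon.com.au",)
BRAND = "amazon"

def edit_distance(a, b):
    """Levenshtein distance, used to catch misspellings such as 'amaz0n'."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_url(url):
    """Return (verdict, reason); verdict is ok, reject, suspicious or unrelated."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return "reject", "no host in URL"
    if parts.username is not None:
        # "https://amazon.com.au@other.host/": the real host follows the "@".
        return "suspicious", "text before '@' hides the real host"
    if any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS):
        # https is required, but it is the host match that establishes trust.
        if parts.scheme != "https":
            return "reject", "trusted domain but not https"
        return "ok", "host is on the trusted list"
    labels = host.split(".")
    if not host.isascii() or any(l.startswith("xn--") for l in labels):
        return "suspicious", "internationalised label, possible look-alike letters"
    for token in (t for l in labels for t in l.split("-")):
        if token == BRAND:
            return "suspicious", "brand name on a domain that is not trusted"
        if edit_distance(token, BRAND) == 1:
            return "suspicious", f"'{token}' is one edit away from '{BRAND}'"
    return "unrelated", "no Amazon branding in the host"

# Constructed sample URLs (reserved .example names), not taken from the article.
SAMPLES = [
    "https://www.amazon.com.au/prime",
    "https://amazon.com.au.prime-deals.example/signin",
    "https://amaz0n-prime.example/",
    "https://amazon.com.au@login.example/",
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(u, "->", *check_url(u))
```

The single-edit threshold is a heuristic: it catches one-character swaps but not every misspelling, so a "suspicious" verdict is a prompt to type the address by hand rather than follow the link.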


Sadiq Iqbal


Sadiq Iqbal is Cyber Security Advisor at Check Point Software Technologies based in Sydney where he leads the regional strategic technical sales team of senior pre-sales engineers and provides cybersecurity thought leadership and consulting advice to major enterprise organisations. He has more than 20 years' experience in the ICT industry having evolved from systems engineering through solution architecture to strategic consulting and building and leading high performing pre-sales teams.
