Researchers at Check Point observed more than a thousand newly registered malicious or suspicious web domains related to Amazon last month. The criminals are likely gearing up to target users during Amazon Prime Day next week.
“While Prime Day offers incredible savings, it is crucial for shoppers to remain vigilant, exercise caution while clicking on links or providing sensitive information, and ensure they are navigating legitimate platforms,” the researchers write.
Many of the phishing sites impersonate Amazon’s login page in order to steal users’ credentials. The crooks are also targeting Amazon carrier accounts with a phishing site called “amazon-onboarding[.]com.”
Check Point recommends that users adhere to the following best practices to thwart these attacks:
- “Check URLs Carefully: Be wary of misspellings or sites using a different top-level domain (e.g., .co instead of .com). These copycat sites may look attractive but are designed to steal your data.
- “Create Strong Passwords: Ensure your Amazon.com password is strong and uncrackable before Prime Day to protect your account.
- “Look for HTTPS: Verify that the website URL starts with “https://” and has a padlock icon, indicating a secure connection.
- “Limit Personal Information: Avoid sharing unnecessary personal details like your birthday or social security number with online retailers.
- “Be Cautious with Emails: Phishing attacks often use urgent language to trick you into clicking links or downloading attachments. Always verify the source.
- “Skeptical of Unrealistic Deals: If a deal seems too good to be true, it likely is. Trust your instincts and avoid suspicious offers.
- “Use Credit Cards: Prefer credit cards over debit cards for online shopping as they offer better protection and less liability if stolen.
KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Check Point has the story.
