A new threat alert from ConsumerAffairs and TrendMicro proves more than just shoppers will take advantage of Amazon’s upcoming Prime Day.
As Prime Day approaches on July 11-12, ConsumerAffairs reports on a variety of scams bad actors are expected to use to take advantage of online shoppers looking for a good deal:
Trend Micro's research team identified:
- SMS messages from scammers say that due to your account security issue, you need to log in via the fake URLs on the message. The victims might share their phone numbers or emails with scammers since they were asked to use these kinds of personal information to retrieve their accounts.
- The top five states being targeted are Texas, Florida, Tennessee, Pennsylvania and Virginia.
- Scammers pretend to celebrate Amazon Prime Day and then invite users to sign-up and get free shipping benefits in order to steal victims’ personal information.
- The top five states being targeted are Washington, Ohio, Minnesota, Virginia and Missouri.
- Scammers are utilizing a $100 Amazon gift card as a reward to attract email receivers to click the mail or even to redirect them to other suspicious websites. Trend Micro found 15 logs on July 2.
- Scammers are impersonating Amazon to give special discounts on some houseware and redirect victims to buy those on fake shopping sites. Trend Micro found 10 logs on July 1. “
ConsumerAffairs quoted TrendMicro VP of Threat Intelligence Jon Clay, “Consumers should be wary of unsolicited communications via text or email where they are offered great deals but then are asked to provide personal information about themselves or give their financial information like credit card info to the solicitor. On Amazon Prime Day, we advise consumers to go to the Amazon site themselves instead of via any solicitation they receive.”
This year’s Prime Day scams, spanning far longer than the two-day event itself, gel with past years’ tactics. As our own Erich Kron wrote, keeping a keen eye while deleting or ignoring these sorts of scams is the best course of action:
“If it’s an email or text message, simply deleting it is the wisest course. If it’s a phone call, simply tell them that you will go to the website and look into whatever the issue is. You can also tell them you will call the customer service number from the website directly, and ask for their extension and name. Any legitimate caller from Amazon’s customer service department will understand.”
The TrendMicro alert also called out DHL shipping scams and bad actors impersonating well-known brands as popular recent threats to be on the watch for. ConsumerAffairs has the full story.
As always, new-school security awareness training can help ensure your users know what scams of all sorts look like and how to avoid them.
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!
