Scam Of The Week: Bad Guys Prep For Prime Day Phishing Attacks

amazonprime Amazon, the world’s largest online retailer, hosts a massive sales event once a year called Prime Day. Usually set in July, the highly awaited two-day event was postponed until October 13th and 14th this year. While you get ready to shop, the bad guys are getting ready to scam you any way they can. A report from Bolster Research shows a large spike in phony websites using the Amazon brand since August.

One scam site that researchers found uses the deceiving URL www.amazoncustomersupport[.]net. The page is an Amazon lookalike that claims to help with refunds and order cancellations. All you have to do is provide your order number and credit card information—or so they say. In reality, anything you enter on this page is delivered directly to the bad guys.

fakeprimesite Another site that researchers found is a phony Amazon loyalty program. The website offers a free iPhone 11 Pro for answering survey questions and playing a game. If you win the game (spoiler: everyone wins!), you’re asked to provide credit card information in order to receive your free iPhone. Of course, you’ll never receive the phone and you’ll start to see some strange charges on that credit card.

Give your employees, friends, and family a heads up by using the following text (feel free to copy/paste/edit):

Amazon’s massive Prime Day sales event is on October 13th and 14th this year. Bad guys have already created phony Amazon lookalike sites designed to trick people into providing confidential information.

Follow these tips to shop safely:

Go directly to Amazon.com to shop. This is the only way to be sure you are shopping on the real Amazon.
Never trust a link in an email that you were not expecting. Bad guys will be sending sneaky phishing emails that direct you to these phony amazon pages.
Look for anything out of the ordinary. For example, Amazon will never ask you to re-enter saved payment information.
If it looks too good to be true, it is. The Prime Day event may have some good deals, but not “Free iPhone” good!

If you are a KnowBe4 customer, the information from this blog post will be included in this week’s Scam of the Week email template. To learn how to send this to your users, check out our How to Set Up a "Scam of the Week" Newsletter knowledge base article.

For customers, we also recommend preparing users for these threats by testing them using these templates from our Current Events category:

Amazon Prime Day: Special deals and offers for Amazon Prime Day! (Link)
Amazon Prime Day: Help with returns and order cancellations (Link)

For more information on how to use these templates, see our Creating and Managing Phishing Campaigns knowledge base article.

Can hackers spoof an email address of your own domain?

Are you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit "CEO Fraud", penetrating your network is like taking candy from a baby.

Now they can launch a "CEO fraud" spear phishing attack on your organization, and that type of attack is very hard to defend against, unless your users are highly ‘security awareness’ trained.

Find out now if your domain can be spoofed. The Domain Spoof Test (DST) is a one-time free service. Run this test so you can address any mail server configuration issues that are found.