Virtualization Technology News and Information
Amazon Prime Day: Be on the Lookout for Phishing and Credential Harvesting Scams


With Amazon Prime Day (two days) starting today, Avanan researchers have warned security teams that hackers are taking advantage of Amazon's popularity to send phishing and credential harvesting emails.

Starting in June 2022, Avanan researchers have seen an uptick in spoofed Amazon attacks, whereby hackers are trying to steal credentials in the hopes that users will think it's the actual Amazon brand emailing. In their latest blog post, Avanan analyzes how hackers are spoofing Amazon to steal credentials.

Here's what security experts have to say about this:


Patrick Harr, CEO at SlashNext, a Pleasanton, Calif.-based anti phishing company:

"Shoppers anxiously await the amazing offers and discounts revealed during the two-day sale Amazon Prime Day sale, and bad actors are lying in wait to take advantage of the excitement. Right now, SlashNext has tens of thousands of live malicious Amazon phishing URL in our database, which has increased over the last 72 hours. Most are scams designed to take advantage of Amazon Prime Day shoppers looking for deals. There are also more dangerous phishing attacks included credential stealing, and rogue software which can lead to ransomware and account takeovers."


Darren Guccione, CEO and Co-Founder at Keeper Security, a Chicago-based provider of zero-trust and zero-knowledge cybersecurity software:

"All Amazon users should be mindful of spoofed or unauthentic emails.  Cybercriminals utilize this common attack vector because people often focus on the branding and aesthetics of the email to mistakenly click a malicious link. Outside of an order summary or a notification of a remote account login (or login from a new device), Amazon rarely sends advertising emails. Thus, we do not recommend clicking on any links from emails purportedly sent by Amazon which in actuality, may originate from a malicious attacker and thus may not be authentic. These links could contain malware or route a person to a nefarious website to enter their account credentials.  Always check the URL that the site navigates you to. 

If an Amazon account holder wants to transact with Amazon, it is best to go directly to their website and better yet, use a password manager. For example, Keeper routes and authenticates users to and with authentic sites and; notifies a user when a URL they navigate to doesn't match their data stored in Keeper."


Hank Schless, Senior Manager, Security Solutions at Lookout, a San Francisco, Calif.-based security service edge (SSE) provider:

"Attackers will leverage any current event to target consumers with phishing campaigns. We frequently see this around the traditional holiday season with fake Black Friday and Cyber Monday deals and package delivery notifications. These are typically phishing campaigns that target consumers in order to steal personal login credentials. The attacker can then attempt to use the credentials across tens of thousands of online banking sites, healthcare platforms, and other places with valuable or sensitive data. This is a process known as credential stuffing. 

As a best practice, you should never click on a shortened link (ex: bitly or tinyurl links) that is paired with an offer or advertisement. If you receive one of these links from a contact in your phone, call that person to validate that it was really them. This incident also shows how important it is to protect yourself from phishing attacks on your mobile device as attackers increase the volume and believability of their malicious campaigns."


Ryan McCurdy, Vice President of Marketing at Bolster, Inc. , a Los Altos, Calif.-based provider of automated digital risk protection:

"Three-quarters of companies worldwide have experienced some form of phishing attack as it's one of the easiest tactics that hackers use to steal data from employees, customers, and partners. The main reason that phishing scams are so convincing is that they often mimic the look of a brand or a credible person down to a very fine detail. To make matters worse, they prey on human action bias, with a call to action stating that attention must be taken right now.

As employees adapt to unfamiliar work environments away from the office, their primary focus is not necessarily on security and robust methods of authentication. Unfortunately, too many organizations still depend solely on passwords to gain access to devices, applications, and networks. Yet, passwords come with a range of inherent weaknesses - they can be easy to guess, they get reused and, of course, they can be phished. Credential stuffing attacks depend on the ill-advised practice of password reuse."


Published Tuesday, July 12, 2022 2:02 PM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<July 2022>