It’s an exciting day, because it’s not just any regular Monday – Amazon Prime Day is finally here! This means that threat actors are hard at work with all new online shopping scams. According to Checkpoint, last year 20% of domains registered that contained the words “Amazon” and “Prime” were phishing sites. This year alone, 32% of the domains registered are considered to be malicious and phishing techniques are becoming highly innovative with new ways to trick online shoppers.
Here’s an Amazon phishing email example below:
Source: CheckPoint. It was an inactive link that appears as though it was sent from “Customer Service” asking to verify the account.
We recommend that you look out for a few key warning signs to avoid getting caught in any online shopping scam. Here are a few ways to stay safe while shopping this Amazon Prime Day:
- Watch out for misspellings of Amazon.com. Fraudulent “Amazon” sites may use a different top-level domain other than Amazon.com. For example, they may use a .co instead of .com. The deals featured on these “copy-cat” websites may appear just like the ones on the real site, and this is one simple way scammers can try to trick shoppers into giving up their information.
- Is the lock symbol visible? Never purchase anything from online websites that do not have secure sockets layer (SSL). One way to know if a site has SSL, is to look for the “S” in HTTPS, instead of HTTP. Any website without a lock is a major red flag!
- Do NOT overshare. If you’re asked for details like your birthday or social security number, then it’s most likely a scam! No online shopping retailer will ever need your birthday or social security number to do business. The more hackers know about you personally, the more they can hijack your identity.
- Is there a sense of urgency? Scammers take advantage of human nature and people make more mistakes when they’re in a rush to follow the orders of people in authority. Phishing attacks feature these techniques to convince their people to let their guard down and ignore potential suspicions about an email which leads them to click on a link or open an attachment they probably shouldn’t.
- Create a strong password. Once a hacker is inside your account, it’s game over. Avoid using a password with any information that a scammer could guess or easily find out about you. If you’re currently using a password that you think is weak, go change it right now!
- Avoid shopping over public Wi-Fi. Refrain from using any public wi-fi to shop on Amazon Prime Day. Hackers can easily spy on what you’re looking at on the web and can see things like emails, payment details, browsing history and even passwords.
- If it sounds too good to be true, then it is. Since Prime Day is all about the best online deals – this one is tricky. But as the saying goes, if it seems too good to be true, it probably is. (Always go with your gut: an 80% discount on the new Apple iPhone is probably fake).
- Only shop with credit cards. For Prime Day, it’s best to stick to your credit card. Since debit cards are linked to your bank accounts, you’re at risk if someone hacks your information. Remember, if a card number gets stolen or lost, they offer less liability and more protection.
As a managed IT service provider, PACE Technical offers cybersecurity and phishing protection services for SMB’s in the GTA including user awareness and training. For more cyber tips on online safety, be sure to check our blogs regularly. If you have any questions about cybersecurity or IT services for your business, please email: [email protected] or book a meeting here: https://meetings.hubspot.com/lbarrett