Cybersecurity researchers at Avanan have observed an uptick in spoofed Amazon attacks: hackers are exploiting the brand, offering fraudulent gift cards, and manipulating users into giving up their credentials. This is detailed in a new research report which reveals how hackers are taking advantage of the large brand name to send credential-harvesting emails promising an Amazon gift card if the user takes a survey. Victims are tricked into clicking on a malicious link provided in the phishing email.
With Amazon Prime Day 2022 kicking off next week – July 12 and 13 – Avanan anticipates these types of phishing attacks will spread like wildfire and continue to increase dramatically as one of the biggest shopping holidays approaches. Not only is it two days of lightning deals, which have already begun with early access, but it’s also a lucrative time for cybercriminals to prey on vulnerable shoppers.
You can view the report here.
UPDATE: I have received commentary from three sources on this. The first is from Dr. Darren Williams, CEO and Founder of BlackFog:
“Phishing emails are also used to trigger payload downloads of ransomware which is not at an all-time high for 2022. BlackFog recorded increases in attacks on Education, Government and Manufacturing of 33%, 25% and 24% respectively during June which correlates with these increased phishing rates (https://www.blackfog.com/the-state-of-ransomware-in-2022/).”
“Corporations usually employ some email security products to detect bad URLs and brand impersonation and can therefore block the emails. Amazon consumer users usually use personal emails that lack advanced email security protection, so users must be even more cautious about handling personal emails with simple methods such as checking the sender or hovering over the links before clicking on them.”
Finally, I have Artur Kane, VP of Product of GoodAccess:
“While companies have many ways of layering their security to prevent phishing as well as to detect it and mitigate impacts (email security, DNS filtering, antiviruses, multi-factor authentication or zero trust access, DLP, etc.), consumers are much more susceptible to attacks. Consumers rely heavily on the inbuilt protection in their operating system and email service providers. Attackers are fully aware of this, and they can find ways to evade filters, i.e. sending emails from a reputable IP address. The pillar of lowering the number of attacks remains education. Attackers often disguise themselves as trustworthy suppliers, in this case Amazon. They try to build a sense of urgency to make the victim act without much caution and often build on one or more of the following emotions: joy, charity, caution, trust, duty and fear. Typical types of fraudulent emails are invoices, bills, taxes, orders or job applications. Ideally, the public education system should prepare all students for 21st century problems like phishing, but until that’s the case, users should follow these simple rules:
- Stay alert: check all emails requiring you to take any action, especially those from known brands, for spelling mistakes, misrepresented domains, shortened links and the validity of the request, especially when the email is unsolicited.
- Don’t click on any links and do not open any emails that you didn’t expect or asked for.
- If you are unsure about the sender, verify them first, hover over every link to check the actual destination and report any potentially fraudulent messages.”