Amazon Prime Day 2024: Criminals Are Ready – Are You?

How does electronic fishing work (Phishing)

Phishing attacks (Phishing) often begin with a message sent via email, social media, or other electronic means of communication. Cybercriminals use public resources such as social networks to gather basic information about their victims, which helps them create convincing fake messages. These messages usually contain malicious attachments or links to fake websites that appear to belong to reputable entities such as Amazon. The goal is to collect personal information such as usernames, passwords or payment information.

Disturbing findings about records domain and phishing attacks (Phishing)

In view of her Amazon Prime Day in July 2024, we saw a significant increase in cyber attacks related to Amazon Brand.

During June 2024, more than 1.230 new ones appeared domain that are related to Amazon, with 85% flagged as malicious or suspicious. Examples of recently created ones are:

• amazon- [.] on is a newly registered fraudulent website designed as a phishing page pretending to be the Amazon, targeting specific carrier-related credentials.
• amazon mxc[.]shop it is a fake website Amazon mexico, designed as a copy of it amazon.on.mx. It has a profile login button in the top right corner that, when clicked, collects the users login credentials.

• amazonindo[.]on its a fraudulent website Amazon. It has a login/profile registration button in the top right corner which, when clicked, collects the users login credentials.

 

 

And much more:

• shopamazon2[.]com
• microsoft-amazon[.]shop
• amazonapp[.]nl
• shopamazon3[.]com
• amazon-billing[.]top
• amazonshop1[.]com
• fedexamazonus[.]top
• amazonupdater[.]com
• amazon-in[.]net
• espaces-amazon-fr[.]com
• usiamazon[.]com
• amazonhafs[.]buzz
• usps-amazon-us[.]top
• amazon-entrega[.]info
• amazon-vip[.]xyz
• paqueta-amazon[.]com
• connect-amazon[.]com
• user-amazon-id[.]com
• amazon762[.]cc
• amazoneuroslr[.]com
• amazonw-dwfawpapf[.]top
• amazonprimevidéo[.]com

 

Example of file phishing attempt

In June 2024, we discovered a widespread phishing campaign mimicking the brand Amazon, targeting the US in particular. The campaign distributed files with the following hash MD5: 39af8a116a252a8aaf2328e661b2d5a2. An example file is called Mail: -AmazonReports-73074[264].pdf.

The content of the file lures victims by urgently informing them that their account on Amazon has been suspended due to a billing information mismatch with their card issuer. It instructs them to update their payment information via a phishing link: trk [.] klclick3[.] on, which directs them to a fraudulent website. The message threatens account closure if immediate action is not taken, creating a sense of urgency to prompt the user to respond quickly, fearing data exposure or account termination as consequences of non-compliance.

 

Example of a website phishing attempt

In June 2024, a Portuguese phishing attempt impersonating the Amazon. The fraudulent email claimed payment failure for an order Amazon Prime Video (#D04-0005691-32024) and included a misleading link: http://20[.] 212[.] 168[.] 117/BR-PT/primevideo/.

Phishing site masquerading as a login page to Amazon, prompting users to enter their login credentials under the guise of being genuine Amazon. However, this site is not affiliated with Amazon and aims to trick users into revealing their account details.

How to stay safe shopping online on Amazon Prime Day

To help online shoppers stay safe this year, its researchers Check Point have outlined practical safety and security tips:

1. Check the addresses carefully URL : Be careful with misspellings or sites that use a different top-level domain (eg .co instead .on). These copy sites may look attractive, but they are designed to steal your data.
2. Create strong passwords: Make sure the password Amazon.on you are strong and cannot be broken before Prime Day to protect your account.
3. Look up HTTPS: Make sure the address URL of the site starts with “https://” and has a lock icon, indicating a secure connection.
4. Limit personal information: Avoid sharing unnecessary personal information, such as your birthday or social security number, with online retailers.
5. Be careful with emails: Phishing attacks often use urgent language to trick you into clicking on links or downloading attachments. Always verify the source.
6. Skeptical of unrealistic deals: If a deal seems too good to be true, it probably is. Trust your gut and avoid suspicious offers.
7. Use credit cards: Choose credit cards over debit cards for online purchases as they offer better protection and less liability in case of theft.

How to protect yourself from phishing emails

Η Check Point protects against its pervasive threat Phishing with the integrated 360° solutions Aunt-Phishing, providing security to accounts Email, browsers, endpoints, mobile devices and networks. With the support of Check Point ThreatCloud AI, this solution offers zero-day phishing protection by analyzing hundreds of breach indicators in real-time. It meticulously inspects every feature of incoming email messages, including attachments, links and text content, significantly reducing risks before messages reach your inbox. Furthermore, the solution Check Point Harmony Email and Office Aunt-Phishing leverages advanced algorithms based on AI to detect and block phishing attempts in real time by analyzing addresses URL , domains and suspicious content, ensuring comprehensive protection. This powerful solution integrates seamlessly with your existing security infrastructure, providing a layered defense strategy that adapts to evolving threats. Using his intelligence ThreatCloud, the Harmony Anti-Phishing detects and mitigates both known and unknown phishing attempts, protecting sensitive information and maintaining user trust.

By leveraging these advanced solutions, organizations can effectively counter evolving attacks Phishing that exploit human nature. Stay alert, informed and protected this day Amazon Prime Day to enjoy safe online shopping.