Amazon is the only brand that seems to have created its own holiday: Prime Day. Other firms are trying to leverage it. And so are miscreants.
For instance, McAfee has exposed an email phishing kit designed to target Amazon shoppers, Wired reports.
The kit, 16Shop, “makes it easy for anyone to craft an email that looks like it comes from a major tech company, with a PDF attached,” Wired reports. The PDFs resemble the Amazon log-in page.
Suckers — rather, victims — will type in their passwords without realizing they are compromising their accounts.
The scheme, which is identical to one that targeted Apple shoppers, “looks to leverage the subconscious lever of authority to invoke user interaction,” McAfee chief scientist Raj Samani tells Wired.
That’s only one potential threat. Another is that people will shop on company computers and expose their entire firms to cyber destruction, according to security firm Mimecast.
Mimecast conducted research showing that 69% of the respondents use devices issued by their employers for non-work-related activities, and that 33% use them to check personal emails.
Last year’s scams included promises of $50 bonus gift cards and tracking numbers for orders, Mimecast reports. This year’s will probably be even more sophisticated — watch for them to feature QR codes.
It’s not clear that any of these efforts have yet resulted in big losses. But the threat exists.
“Any widely experienced or known event is on cybercriminals’ radar just like it is for the rest of us,” says Matthew Gardiner, cybersecurity expert at Mimecast.
“Amazon’s Prime members, now with more than 100 million members, and the huge spectacle of Prime Day certainly qualifies.”
Gardiner adds that “given the high level of awareness and interest that Prime Day has, cybercriminals will use it to grab their intended victims’ attention and motivate them to do things that they shouldn’t.”
How do you fight it? “Consumers and businesspeople should always scrutinize their email and not necessarily trust that what they are being presented is actually legitimate,” Gardiner says.
“However, the easiest way to protect yourself in this case is to not click any links or open any attachments purported to be from Amazon and just type ‘amazon.com’ in your browser, login as normal and shop-away!”
Cyberlink Research, which also reports that bad actors are gearing up, based on dark web chatter, advises brands to identify abandoned subdomains that may be claimed by threat actors, and to claim those with a high similarity to yours, since they may be used for phishing attacks.
In addition, seek out and remove fake apps. And limit the number of accounts that can be registered from one IP address in a certain period of time, Cyberlink urges. Finally, watch out for fraudulent refunds — and train your employees.
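One way to implement the per-IP registration limit described above, as an added example that is not code from Cyberlink or the article. The class and function names, the cap of 2 accounts per hour, and the choice to count IPv6 clients per /64 (a single host can rotate addresses within its /64) are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict, deque

class RegistrationLimiter:
    """Sliding-window cap on account registrations per client network."""
    def __init__(self, max_accounts=2, window_seconds=3600):  # assumed policy values
        self.max_accounts = max_accounts
        self.window = window_seconds
        self._events = defaultdict(deque)  # network key -> times of accepted sign-ups

    @staticmethod
    def key_for(ip):
        """Key IPv4 per address and IPv6 per /64, so address rotation does not reset the count."""
        addr = ipaddress.ip_address(ip)
        if addr.version == 6:
            if addr.ipv4_mapped:  # ::ffff:a.b.c.d is really an IPv4 client
                return str(addr.ipv4_mapped)
            return str(ipaddress.ip_network(f"{addr}/64", strict=False))
        return str(addr)

    def allow(self, ip, now):
        """Return True and record the sign-up if the network is under its cap at time `now`."""
        q = self._events[self.key_for(ip)]
        while q and now - q[0] >= self.window:  # drop sign-ups that have left the window
            q.popleft()
        if len(q) >= self.max_accounts:
            return False  # blocked attempts are not recorded
        q.append(now)
        return True

def replay(attempts, **limits):
    """Run (timestamp, ip) attempts through a fresh limiter and return the decisions."""
    limiter = RegistrationLimiter(**limits)
    return [limiter.allow(ip, ts) for ts, ip in attempts]

# Constructed sample: (seconds, client IP); all addresses are documentation ranges.
SAMPLE = [
    (0,    "203.0.113.7"),
    (10,   "203.0.113.7"),
    (20,   "2001:db8:1:2::a"),
    (30,   "203.0.113.7"),           # 3rd from the same IPv4 inside the hour
    (50,   "2001:db8:1:2::b"),       # same /64 as the ::a client
    (70,   "2001:db8:1:2:ffff::c"),  # 3rd from that /64
    (3601, "203.0.113.7"),           # the sign-up at t=0 has aged out
]

if __name__ == "__main__":
    for (ts, ip), ok in zip(SAMPLE, replay(SAMPLE)):
        print(f"{ts:>5}s {ip:<22} {'allow' if ok else 'block'}")
```

In production the counters would live in a shared store rather than process memory, and the client address must come from a trusted source, not a header the client can set.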