Amazon Prime Day Scams on the Rise: How to Protect Yourself

As Amazon Prime Day kicks off today, shoppers are gearing up for significant discounts. However, this period also sees a surge in scams. Cybercriminals take advantage of the shopping frenzy with various tactics. One common scam involves phishing emails and text messages that appear to be from Amazon, asking users to confirm their account details. Fake websites designed to look like Amazon’s login page also trick users into entering their credentials. Social media platforms are rife with fraudulent links promising exclusive deals that lead to malicious sites. According to a recent report by cybersecurity firm Checkpoint, over 1,200 new Amazon-related domains were registered in June, with 85% identified as malicious.  A few examples are: amazon-onboarding[.]com, amazonmxc[.]shop,  amazonindo[.]com

Common Scams to Watch Out For:

1. Phishing Emails: These emails often mimic Amazon’s official communication, prompting users to click on malicious links or download attachments.
2. Fake Websites: Scammers create look-alike websites to capture personal and financial information. These sites often use URLs that closely resemble Amazon’s official site.
3. Social Media Scams: Fraudulent posts or messages on social media platforms promise exclusive deals and discounts, luring users to click on harmful links.
4. Gift Card Scams: Scammers may ask for payment in the form of Amazon gift cards, claiming that it’s a secure method of transaction.
5. Customer Support Scams: Fraudsters pose as Amazon customer support, asking for personal information or payment details under the guise of resolving an issue.

How to Protect Yourself:

1. Verify URLs: Always double-check the website’s URL before entering any personal information. Legitimate Amazon websites will always have “amazon.com” as their domain.
2. Avoid Suspicious Links: Do not click on links or download attachments from unsolicited emails or messages.
3. Use Official Apps: Conduct your shopping through the official Amazon app or website to ensure a secure transaction.
4. Enable Two-Factor Authentication: Adding an extra layer of security to your Amazon account can help protect against unauthorized access.
5. Report Suspicious Activity: If you come across any suspicious emails or websites, report them to Amazon and your email provider.

Shoppers should remain vigilant and take proactive measures to protect their personal information during Amazon Prime Day. By being aware of these common scams and following best practices for online safety, consumers can enjoy a secure shopping experience.

Feeling lost in the digital world? Dr. Tom is here to help!

Join Dr. Tom every week in his column, Dr. Tom’s Cyber Bits and Tips, for byte-sized advice on all things cyber and tech. Whether you’re concerned about online safety, curious about the latest cybercrime trends, or simply want to navigate the ever-evolving digital landscape, Dr. Tom has you covered.

From practical cybersecurity tips to insightful breakdowns of current threats, Dr. Tom’s column empowers you to stay informed and protect yourself online. So, dive in and get savvy with the web – with Dr. Tom as your guide!

About Dr. Tom

Thomas Hyslip currently serves as an Assistant Professor of Instruction in the Department of Criminology, University of South Florida teaching exclusively in the online Master of Science in Cybercrime program. The program is a unique blend of criminology, digital forensics, cybercrime investigations, and incident response course work.

Prior to USF, Dr. Hyslip worked as a Special Agent with the Defense Criminal Investigative Service (DCIS) and United States Secret Service for 23 years.  While assigned to the DCIS Southeast Field Office, Dr. Hyslip led an undercover operation dedicated to targeting and dismantling the most egregious cyber-criminal enterprises. Dr. Hyslip worked with the National Security Agency, and the United States Cyber Command to identify and infiltrate cyber-criminal organizations targeting the DoD.

In 2012, Dr. Hyslip was promoted to lead the newly created Department of Defense, Defense Criminal Investigative Service (DCIS), Cyber Resident Agency. He led daily procedural and operational activities of special agents in eight locations across the eastern United States responding to computer intrusions within the DoD and the Defense Industrial Base.  His office also provided computer forensic support to all DCIS offices and investigations within the Eastern United States, Europe, Africa and Southwest Asia.  During this time, Dr. Hyslip worked proactively to target international Cyber-Crime groups and worked undercover to penetrate underground cyber-crime organizations which resulted in the dismantlement of the WebStresser DDoS platform in 2018; the ExoStresser DDoS platform in 2019; and the PowerStresser DDoS platform in 2020.

Dr. Hyslip is also a retired U.S. Army Colonel. His last assignment was as a Historian with the U.S. Army Center of Military History. He was previously assigned to the Office of the Surgeon General as an Environmental Engineer, and as an Assistant Professor of Preventive Medicine at the F. Edward Hébert School of Medicine, Uniformed Services University of the Health Sciences. COL Hyslip has a mix of active duty and reserve assignments spanning over 27 years including assignments with the US African Command, Office of Inspector General, the Department of Defense, Office of Inspector General, and the US Army Reserve Information Operations Command. In 2005, COL Hyslip deployed to Iraq with the 306th Military Police Battalion and earned a Bronze Star, Purple Heart, and Combat Action Badge.

Dr. Hyslip earned his Doctor of Science degree in Information Assurance from Capitol College, Master of Science degree in Technology Systems from East Carolina University, and his Bachelor of Science degree in Mechanical Engineering from Clarkson University.  Tom and his wife Susan live in Tega Cay, SC with their daughter Reagan