How to Dodge Cybercriminals and Scams on Amazon Prime Day – NBC Bay Area
June 21-22 marks this year’s Amazon Prime Day: the online retail giant’s annual summer sale event. Many consumers are expected to lose hundreds of dollars on this year’s shopping event, both on Amazon and other online retailers with deals.
Adobe’s Digital Economy Index predicts that total online spending for 2021 Amazon Prime Day will exceed the $ 10.9 billion spent by online shoppers on Cyber Monday in 2020. In a rush to wrap up of online offers, shoppers will also need to be on the lookout for malicious activity.
The Better Business Bureau issued a warning ahead of this year’s Prime Day, noting that phishing scams increase during busy shopping times like Prime Day and Black Friday.
BBB has also advised consumers to be on the lookout for social media ads that may redirect them to scam websites.
“Scammers often create similar websites that at first glance appear to be from a trusted retailer,” BBB noted. “But when you take a closer look at the URL, you will notice that the domain name is slightly different (that is, instead of Popularstore.com, the URL can be PopvlarStore.com or PopularStoreOnline. com). “
Check Point Research, the research arm of cybersecurity firm Check Point Software, noticed an increase in suspicious domain names ahead of Prime Day this year. Almost 80% of the more than 2,300 new Amazon-related domains found by Check Point have been flagged by their team as potentially unsafe.
Three researchers from Check Point, headquartered in the United States in San Carlos, examined new domain registrations containing the word “Amazon” over the course of a month. They ran the results through their sensors and used machine learning to detect malicious files. In total, 46% of these domains were found to be malicious and 32% were deemed suspicious. Check Point says its researchers were able to find both phishing emails and fake websites that were confirmed to be malicious.
Ekram Ahmed, spokesperson for Check Point Software, warned of a potential “domain spoofing”. “I would triple check inbox emails claiming to be from Amazon [this] week, ”he wrote in a statement.
Advice on first day purchases
Here are more tips from Check Point researchers to avoid security risks this Prime Day:
- Avoid buying something online from a website that does not have Secure Sockets Layer Encryption installed. You can verify that a site has this by confirming that the URL contains HTTPS. A padlock icon will also be visible, usually to the left of the URL in the address bar. “No lock is a major red flag,” Check Point noted.
- Share the bare minimum when it comes to your personal information when shopping online.
- If you are in a public place during Prime Day, avoid using public Wi-Fi to shop on Amazon. “Hackers can intercept what you watch on the web,” Check Point noted.
- Beware of offers that sound too good to be true. “Go with your instincts,” advises Check Point. “An 80% discount on the new iPad is generally not a reliable or trustworthy buying opportunity. “
- Make purchases with your credit card, if possible. Since debit cards are linked to bank accounts, consumers are at a higher risk if their information is hacked.
Tips for keeping your Amazon account secure
Amazon tells NBC Bay Area that it has security measures in place “to ensure that accounts and credentials remain secure.” A company spokesperson offered the following advice to clients on account security:
- Choose a strong, unique password for your Amazon account that you don’t use anywhere else
- Add 2-step verification to your account for extra protection if your password is stolen
- Never click on a phone or email about an Amazon item you haven’t purchased. Instead, go to the “Your Orders” section of your Amazon account to review your purchases.
- Look carefully at the URL of the website you are on. Legitimate websites have a dot before “Amazon.com,” such as https://pay.amazon.com, a spokesperson explained.
- Don’t fall for phone scams. BBB warned of scams earlier this year from people posing as Amazon employees. “Amazon will never contact you first to ask for your password, verification codes or security question, and we will never ask you to disclose or verify sensitive personal information or to offer you a refund that you do not want. you don’t expect it, ”the Amazon spokesperson said.