Amazon Prime Day is just around the corner, taking place from July 12th to July 13th, 2022. Prime Day is a 48-hour event where exclusive deals on the latest trending items in every category imaginable are made available. Since 2015, this annual event has created a recurring opportunity for cybercriminals to capitalize and take advantage of eager shoppers.
Cybercriminals stay up to date on the latest trends to ensure their pretexts are topical and cover the widest audience possible. In the past, cybercriminals have registered lookalike domains, cloned Amazon’s homepage, and sent both fraudulent emails (phishing), phone calls (vishing) and text messages (Smishing), all with the intent of capturing the consumer’s personal data and credit card information. It should come as no surprise that in 2022, cybercriminals have continued to leverage Prime Day as narrative in campaigns.
Thankfully, there are multiple ways to protect yourself from Prime Day related scams this year. Netragard recommends keeping the following security advice in mind as Prime Day approaches this year:
- Enable Two-Step Verification in the “Login & Security” section of your Amazon account. Enabling this setting will require a one-time code to be provided at login.
- Refrain from clicking links in an email or text message from “Amazon” about a Prime Day deal, update to your account, or order being placed. Instead, navigate to https://amazon.com and verify the information received on the official site. If you are still unsure, contact an official Amazon representative from the official Amazon Help page.
- Trust your gut. If something seems phishy – don’t engage. When a deal seems too good to be true, it most likely is. Do research ahead of time to ensure that you’re properly educated on what Prime Day offers, and what may be a scam.
Prime Day is one of the many events that cybercriminals leverage as a narrative every year in their malicious campaigns. Netragard’s social engineering services strive to emulate a realistic threat and protect you from people like us. If you are interested in performing a realistic social engineering assessment, get in touch with us!
Dominic Clark, Netragard
Senior Penetration Tester