Looking forward to Amazon Prime Day? Be cautious: Hackers are too

Millions of consumers are eagerly anticipating Amazon’s annual online shopping extravaganza, Amazon Prime Day. This year, Amazon is offering more than 1 million deals through a 48-hour period which begins on October 13. The annual retail event is one of the many perks included in a Prime subscription and its discounts are exclusively available to Amazon’s 150 million Prime members. In 2019, Prime Day sales were estimated to be over 7 billion U.S. dollars.

But it isn’t just consumers who look forward to this annual shopping bonanza:  hackers do, too. Researchers at Check Point have conducted an analysis of cyber threats related to Amazon’s Prime Day in the weeks leading up to the event. They found an alarming increase in the number of registered domains related to Amazon that are malicious. In the 30 days, there was a 21% increase in domains registered containing the word “Amazon”, compared to the previous month. More than a quarter (28%) of those domains have been found to be malicious and another 10% suspicious.

Furthermore, the number of domains registered containing the words “Amazon” and “Prime” has doubled within the last 30 days, with 20% of those domains being malicious.

Alarm over Domain Registrations

You may be thinking: why are domain registrations alarming? The reason is that they are used to lure and trap online shoppers through their similarity to the familiar, trusted URL, in this case, Amazon.com. Hackers imitate trusted e-commerce websites to lure consumers into keying-in their most sensitive data, such as their credit card information, names, birthday, email and physical addresses, and other details, into the hacker’s malicious site.  Armed with that data, the hacker can either go on a spending spree of their own, using the victim’s card details, or sell on those details to other criminals..

How to Stay Safe on Amazon Prime Day

Make no mistake:  in the same way you will be hunting for bargains, hackers will be phishing for victims on Amazon Prime Day. To help online shoppers stay safe this year, Check Point researchers have outlined 7 practical security and safety tips:

  1. Watch for misspellings of Amazon.com. Beware of misspellings or sites using a different top-level domain other than Amazon.com. For example, a .co instead of .com. Deals on these copy-cat sites may look just as attractive as on the real site, but this is how hackers fool consumers into giving up their data.
  2. Look for the lock. Avoid buying something online using your payment details from a website that does not have secure sockets layer (SSL) encryption installed. To know if the site has SSL, look for the “S” in HTTPS, instead of HTTP. An icon of a locked padlock will appear, typically to the left of the URL in the address bar or the status bar down below. No lock is a major red flag.
  3. Share the bare minimum. No online shopping retailer needs your birthday or social security number to do business. The more hackers know, the more they can hijack your identity. Always maintain the discipline of sharing the bare minimum when it comes to your personal information.
  4. Before Prime Day, create a strong password for Amazon.com. Once a hacker is inside your account, it is game over. Make sure your password for Amazon.com is uncrack-able, well before October 13.
  5. Don’t go public. If you find yourself at an airport, a hotel or your local coffee shop, please refrain from using their public wi-fi to shop on Amazon Prime Day. Hackers can intercept what you are looking at on the web. This can include emails, payment details, browsing history or passwords.
  6. Beware of “too good to be true” bargains. This will be tough to do, as Prime Day is all about great offers. But, if it seems WAY too good to be true, it probably is. Go with your gut: an 80% discount on the new iPad is usually not a reliable or trustworthy purchase opportunity.
  7. Stick to credit cards. During Prime Day, it’s best to stick to your credit card. Because debit cards are linked to our bank accounts, we’re at much higher risk if someone is able to hack our information. If a card number gets stolen, credit cards offer more protection and less liability.