Ahead of this year’s Amazon Prime Day 2025 on July 8th, shoppers worldwide are preparing their wish lists. So are cyber criminals. Phishing attacks are already targeting innocent shoppers. In June alone, over 1,000 new domains with names resembling Amazon appeared online. Alarmingly, 87% of these have already been flagged as malicious or suspicious. Many of the domains include the term “Amazon Prime”, with one in every 81 of the risky domains containing this phrase.

Why Domain Spam and Phishing Surge Ahead of Prime Day

High-stakes shopping events like Prime Day are magnets for online fraud. Cyber criminals ramp up their efforts using two primary tactics:

  • Fake domains: Websites designed to imitate Amazon’s login or checkout pages.
  • Phishing emails: Messages crafted to create urgency like “refund errors” or “account issues,” luring victims into clicking malicious links.

The fake domains, which try to masquerade as authentic Amazon portals, aim to steal login credentials and personal information. A successful attack can lead to unauthorized purchases, identity theft, or gift card abuse.

For example, Amazon02atonline51[.]online is a newly registered fraudulent site designed to mimic the Amazon Sign-in page. In reality, this is a phishing site that targets German customers.

Another newly registered fraudulent domain, amazon-2025[.]top, mimics Amazon’s login page to collects users’ login credentials.

Real-World Phishing in Action

Recently, Check Point Research intercepted a phishing campaign spoofing Amazon. One email used the subject line “Refund Due – Amazon System Error” with the sender’s email address spoofed to appear as if from “Amazon, tricking recipients into clicking a link to “update their address.” The link led to a fraudulent Amazon login page created to harvest the user’s credentials.

Phishing Email –
Refund Due – Amazon System Error

Phishing site –
https://cloud-service-care[.]com/render-template/?csu=taEPGgaY&status_id=n

How to Stay Safe This Prime Day

With Prime Day fast approaching, shoppers can take the following steps to protect themselves:

  1. Verify URLs

Many malicious domains closely mimic Amazon’s real URL. Look out for extra characters, odd domain endings (like .top or .online), or hyphenated brand names.

  1. Avoid Email Links

If you receive an email about your Amazon account, don’t click links. Instead, open your browser and go directly to www.amazon.com or use the official Amazon app.

  1. Check for HTTPS and the Padlock Icon

Make sure any website you enter personal information on uses HTTPS. Look for the padlock in the address bar, though remember that even some malicious sites can fake this, so always double-check the URL itself.

  1. Use Strong, Unique Passwords and Enable Two-Factor Authentication

Use a password manager to generate and store strong passwords and enable 2FA on your Amazon account to reduce the risk of account takeover.

  1. Watch for Urgency or Pressure Tactics

Scammers often try to panic you into acting fast. Be wary of any message that tells you your account will be suspended unless you act immediately.

  1. Be Skeptical of Unrealistic Deals

If an offer looks too good to be true, especially outside Amazon’s official site, it probably is. Luxury goods or electronics at extreme discounts are a common bait.

  1. Use Safe Payment Methods

Whenever possible, use secure and traceable payment options, such as virtual credit cards or payment apps, which add layers of protection and are easier to dispute in the case of fraud.

Stay Protected from Phishing Emails

Check Point offers robust defenses against the widespread threat of phishing with its all-encompassing 360° anti-phishing solutions. This service secures email accounts, web browsers, endpoints, mobile devices, and networks. Utilizing the power of Check Point ThreatCloud AI, it delivers zero-day phishing protection by assessing numerous indicators of compromise in real time. The solution carefully examines each aspect of incoming emails, such as attachments, links, and text content, significantly lowering risks before these emails reach your inbox.

Furthermore, the Check Point Harmony Email and Collaboration Anti-Phishing solution employs sophisticated AI-driven algorithms to identify and block phishing attempts instantly, scrutinizing URLs, domains, and any suspicious content to ensure thorough protection. This robust solution integrates effortlessly with existing security systems, creating a layered defense strategy that adapts to emerging threats. By harnessing ThreatCloud intelligence, Harmony Anti-Phishing can detect and address both familiar and unfamiliar phishing attempts, protecting sensitive data and preserving user trust.

Final Takeaways

Prime Day is a great opportunity to snag deals, but it’s also a favorite time for cyber criminals to launch scams. Awareness and vigilance are key to protection.

Here’s a quick recap:

  • Plan your purchases and go directly to Amazon’s website or app.
  • Avoid clicking links in emails claiming to be from Amazon.
  • Check URLs and don’t trust offers that seem suspiciously good.
  • Use strong passwords, enable two-factor authentication, and consider safe payment options.
  • Slow down if you receive a message that tries to pressure you into fast action.

Shop smart. Stay alert. Don’t let cyber criminals make you their next target.

You may also like