Amazon Scams up 7X Leading up to Prime Day

The biggest retail event of the year has been confirmed with Amazon’s announcement of their 2021 Prime Day of June 21 and 22.  Typically held in the summer, the event was moved to October last year due to supply chain and delivery disruptions because of the pandemic.  Despite all of the issues Amazon faced, sales were an estimated $10.4 billion during the two day event in 2020, up 45.2% from $7.16 billion in 2019.

Scammers pounced with the 2020 Prime Day announcement, and Bolster Research observed huge increases in the volume of Amazon phishing and scam sites when rumors of a fall Prime Day started circulating in Aug then later confirmed in September.  August 2020 experienced a 110% increase in the number of new phishing and scam sites created, and September 2020 saw a 153% increase.  In October 2020 alone, there were 1,606 new Amazon phishing and scam sites created, which was nearly 16X the average volume.

Scammers Readying for Prime Day 2021

The 2021 Prime Day is expected to be even bigger than last year, and scammers are already preparing for the highly anticipated event.  Bolster Research observed a decline after Prime Day 2020 followed by a spike in December for the holidays.  The beginning of 2021 started with a lower volume, but the baseline of phishing and scam activity remains much higher than it did in the same period the prior year.

The chart below compares the volume of newly created Amazon phishing and scam sites in 2020 and 2021.  Looking at the months of January through May, there were 394 sites in 2020 and 2,805 in 2021, more than a 7X increase.  If the pattern holds from 2020, there will be a huge increase in the volume of these sites in June as we get closer to Prime Day.

Scam Alert: Early Prime Day Deals

One of the scams that Bolster Research has discovered are sites promoting “Early Prime Day Deals,” something the real Amazon site is doing.  The screen shots below compare the fake scam site to the real Amazon site.  To an unwary shopper, the fake site is indistinguishable from the real one.  Even the URL contains “amazon.com,” though it is really “qqcn2.com.”  The site is hosted by the Chinese company Shenzhen Tencent Computer Systems in Los Angeles, CA.  There are signs that this is a scam site, but most people would not have access to the data.  For example, the IP address being used was used for eight other phishing sites.

The objective of scam sites like these are pretty straightforward.  They rely on the shopping frenzy built by something like Prime Day, where shoppers are likely to let their guard down.  Consumers are driven to one of these fake sites through mass emails or search engine results and make a purchase for products that never arrive.

Checkphish Analysis of fake site: http://www.amazon.com.qqcn2.com/

A Way to a Shopper’s Heart is Through the Wallet

Another scam Bolster Research has uncovered are sites asking shoppers to set up their Amazon wallet.  One of the promotions during Prime Day is to sign up new members, and part of that process is to set up your Amazon wallet so you can take advantage of all those great deals.  This page asks users to set up their Amazon wallet and enter their credit card information.

Like the previous site, there is clear data that this is not a real site that the average consumer would never know about.  The site is hosted by the Russian hosting company Spaceweb in Moscow, Russia.  The domain has been used for three different phishing campaigns, and the IP address has been used for 89 different phishing sites.

Checkphish Analysis: http://haloor872i.temp.swtest.ru/ws/cac87/wallet.php

How to Stay Safe on Prime Day

The allure of a good deal is universal, and there are some simple tips that shoppers can use to stay safe and benefit from the largest retail sales event of the year.

Start at amazon.com

Scammers are able to copy legitimate sites exactly, and many of the signals that indicate a site is not real is not easily accessible to the average person.  The most common method of luring shoppers to a scam site is through SPAM emails.  To avoid getting scammed, avoid clicking on links in emails and start shopping by going to the Amazon site directly.

Set strong passwords and don’t reuse them

Many people reuse passwords, which means that if scammers are able to obtain your password for Amazon, they could also use it to your bank account, email, or Instagram.  With the number of accounts people have these days, it’s nearly impossible to manually keep track of them all.  Consider using a password manager, most of which also have a feature that creates strong passwords and reminds you to update them.

Avoid deals that are too good to be true

This one seems obvious, but it is just too true.  Shopping does have an emotional aspect, and the thought of getting a great deal provides a lot of satisfaction.  Scammers rely on this to hook unsuspecting shoppers and steal their money.  Do your research before Prime Day to have a sense of the price points for the products you want to buy.  Then if you see a price point that is far below that level, then do the diligence that it is not a scam.

*** This is a Security Bloggers Network syndicated blog from Bolster Blog authored by Young-Sae Song. Read the original post at: https://bolster.ai/blog/amazon-scams-up-7x-leading-up-to-prime-day/