Amazon Issues Attack Warning: Protect Your Account During Cyber Week
Amazon has issued a general security alert to its over 300 million users warning of an account-seeking scam and phishing surge on the eve of Black Friday and Cyber Week as online purchases are projected to make a massive surge. The retail giant advised users to be extremely alert of messages that attempt to steal login information, payment information or direct users to spoofed storefronts and counterfeit payment portals.
An advisory in the company sent to customers by email and also placed in customer notices, advised customers to approach unsolicited delivery messages, account-issue messages and offers that seem to be too good to be true with caution. Amazon pointed out some of the tricks used by scammers at this time of year: phishing emails and SMS, posing as official order or delivery alerts, fake social-media advertisements that redirect buyers to counterfeit websites, and impersonation calls or messages that push recipients to enter one-time codes or passwords.
How to Protect Your Account After Amazon Issues Attack Warning
According to security researchers, the attack is timed, and criminals will use the panic and rush of the busier shopping days to raise the effectiveness of credential-gathering campaigns. Companies that monitor the pattern of phishing have found that there is an increased use of advanced attachment and even PDF format baits that seem to be the real notices of Amazon but instead redirect victims to compromised payment gateways. Analysts caution that threat actors are incorporating older email tricks with newer tricks, e.g. browser notification spoofing and push-message abuse, to get around simple filters.
Why this is important: account takeovers and payment frauds may lead to fraudulent orders being made in a very short period of time, stolen gift cards, depleted payment systems and lengthy and expensive recovery procedures in case of victims. The Internet Crime Complaint Center of the FBI and other agencies have recorded increased instances of losses related to e-commerce frauds on numerous occasions; industry reporting confirms that there are high numbers of losses and complaints complaints during the major sale events. The mass warning of Amazon is aimed at dulling that seasonal increase that is predictable.
What Amazon recommends
Do not follow links in spam emails or text messages, open another web browser and log in at amazon.com to view order status.
Have accounts with Amazon enabled with multi-factor authentication (MFA).
Note: Check the domain names and the sender addresses used in the emails and be skeptical about the messages which insist on urgent action.
Contact Amazon through their dedicated reporting systems and look into account activity as soon as you notice orders that you are not familiar with.
Such measures reflect a long-term set of recommendations by Amazon, as well as cyber security sellers. Amazon additionally redirects users to its security pages and bulletin channels of the most recent alerts and confirmed advisory.
What customers need to be aware of.
Fraudsters are becoming more innovative. Look out for:
Fraudulent emails about a delivery issue requesting money to be paid in order to release a package.
Advertisements on social networks which connect to cloned storefronts and offer good prices.
Phone calls purporting to be Amazon support require passwords or one-time codes.
PDF files or links to open persuasive yet fraudulent payment websites.
In case of doubt, call Amazon via the official app or the official site instead of responding to the messages.
These are what retailers and sellers ought to do.
The environment of increased risk during the Cyber Week should be presumed by third-party sellers and businesses that make use of Amazon marketplace or AWS services. To eliminate platform-level threats, the recommended actions that sellers can undertake are to review account permissions, rotate credentials, keep an eye on suspicious logins and use the available security controls, including AWS security bulletins and vulnerability reporting channels.
The warning by Amazon about the attack indicates that the period of the annual holiday shopping increases both legitimate traffic and opportunistic cybercrime. Both consumers and sellers are encouraged to increase their basic security hygiene enable MFA, confirm links and messages and report suspicious activities to minimize the chances of being a victim of a fraud aimed at taking advantage of the hurry of Cyber Week.
Read Also This: Robert Irwin Wins Dancing With the Stars