With a surge in online shopping this year, Prime Day scams will likely be even more prevalent, says Tim Sadler, CEO and co-founder of email security company Tessian.
“Popular shopping days like Amazon Prime Day and Black Friday create the perfect environment for hackers’ phishing attempts,” Sadler told ConsumerAffairs. He also weighed in with a rather stark warning for people looking for a great deal.
“Firstly, consumers expect to receive more marketing and advertising emails during popular shopping periods, and this makes it easier for cybercriminals to ‘hide’ their malicious messages in people’s noisier-than-usual inboxes. Attackers can also leverage the ‘too-good-to-be-true’ deals, using them as lures in their scams to successfully deceive their victims.”
Piggy-backing is the new game
While COVID-19 has garnered most of the headlines, cybercriminals have also been upping their game this year by “piggy-backing” on high profile events to make their phishing attacks as convincing as possible.
Sadler says consumers should expect similar tactics during Prime Day, with hackers impersonating Amazon in their emails and supposedly providing people with deals that are too good to be true.
These schemes are a huge issue for retailers. Research shows that over half of U.S. retailers are worried about their brand being impersonated during the upcoming holiday shopping season.
Spotting and squelching a scam
ConsumerAffairs asked Sadler how Prime Day shoppers can spot a Prime Day scam and what they can do to combat them. Here’s what he had to say:
“Be wary of emails that offer special deals or coupons associated with Prime Day -- especially if those discounts can only be accessed by clicking on a link or from a brand or name you don’t recognize,” he said. He also provided the following pointers:
Always check the sender and verify that it’s a legitimate email address. Scammers will take advantage of the fact that mobile email only shows a display name, as opposed to the full email address. This means that a bad actor could send a message from an unknown email address, but change the display name to ‘Amazon’ to make it appear legitimate.
If you receive an email or text that has an associated action or a sense of urgency or deadline, it’s most likely a scam. Ask yourself, do you normally receive an email or text after purchasing an item? Does the request make sense?
Check for spelling or grammar mistakes. Legitimate messages from large companies will rarely have errors.
If a message contains a link or attachment, it is likely fraudulent. As a rule of thumb, be skeptical of any hyperlinks and don’t click on them.
The bottom line? Sadler says it’s the same as any other supposed deal: “If something seems too good to be true, it probably is.”