2018 Amazon Prime Day: The Scams are About to Begin

All Day Shopping Means Your Office IT Network is at Risk

“Your order cannot be shipped…”

“There was a problem processing your order…”

“You will not be able to access your account or place orders until we confirm your information...”

Don’t believe it.

No matter how authentic that Amazon email looks, don’t click on any links, or for that matter, any email you have not verified as legitimate. Amazon Prime Day is a bacchanalia for cyber scum. Phishing emails. Infected pop-up ads, online and telephone offers for deals that are so awesome, they can override a person’s impulse control, leading shoppers to click before they think.

Prime Image 1

Last year, Prime Day pulled in more sales than Black Friday, with a flood of discounts on products people suddenly realized they could not live without. After all, who doesn’t need a Segway, iRobot Roomba Vacuum or Thermal Imaging Camera.

Beware of links in time-limited offers

Then there are the “Lightning Deals”, only available for specific products for limited times and free trial offers if you don’t have an account. These examples could be legitimate, but clicking on that unverified email could be the end of a shopping spree and the beginning of a cyberattack with devastating results.

With a 24+ hour time window, you can bet that employees will be shopping during office hours, using office computers and other devices connected to the office network, elevating the risk of a cyber threat.

Reduce your vulnerability to a cyberattack:

  • Advise employees not to click on any email allegedly from Amazon, and instead, enter Amazon.com into their web browsers and log into their accounts.
  • Never click on an attachment, from Amazon or anyone else, before validating. Infected attachments can install malware on computers.
  • Watch for typos, extra spaces and punctuation errors. Emails from reputable companies should not have errors. In addition, hover over all links. If they don’t match the domain address, it’s a scam.
  • Two-step verification. Yes, it’s annoying, but worth the small inconvenience. Two-factor authentication, as it’s called, requires you to prove who you are two different ways. Google, Facebook, Apple, your bank, and health insurance companies offer, and sometimes require, two verifications to access your account.

Businesses should have to strong security controls to protect their networks, and an ongoing security awareness program to be effective. Phishgoggles Security Awareness Service is one option to make secure behaviors second nature. With the rise in sophisticated, legitimate-looking phishing emails, social media ads and fake websites, securing your technology and your people is no longer optional.

When is Amazon Prime Day?

Unofficial reports suggest July 17, but Amazon has yet to confirm.

Request our Top 10 Security Awareness Tips

Marjorie Valin

Marjorie Valin, our VP of Marketing, brings 25 years of marketing and communications expertise to Summit and our clients, across multiple industry sectors including cyber security, associations and nonprofits, higher education, healthcare, financial and legal services. She helps define, direct and implement marketing strategy, content development, social media and communications based on business and branding objectives. From Fortune 500 companies to startups, Marjorie provides our clients with a depth of consulting expertise that extends well beyond IT and security.

Related Posts


Sign up for Our Blogs

Latest blogs