Cybersecurity experts raise alarm over Amazon Prime Day scams
As thousands of Canadians are on the hunt for deals during Amazon Prime Day this week, cybersecurity experts are sounding the alarm over fraudsters posing as the company online.
Amazon Prime Big Deal Days started on Tuesday and will run until Wednesday. The event, exclusively for Prime members, is offering hundreds of major discounts on merchandise.
Cybersecurity expert Ritesh Kotak says the company has been warning of scams on its site, after over 1,000 new Amazon domain names were created in the last month. Kotak says it’s likely that most of those new websites, offering deals and discounts linked to Amazon, will be fraudulent.
“There’s going to be a lot of fake websites out there and you might get links saying, ‘click on this because we have this fantastic deal related to Amazon Prime,'” Kotak told CTV’s Patricia Boal on Tuesday.
“You’re going to click on it, but in actuality it’s going to take you to a fake site that is going to try to collect your information and, in some cases, you might be shipped a product, but it could be counterfeit.”
Kotak says fraudsters have become more sophisticated and it can often be difficult to distinguish between a real or fake version of the Amazon website.
“These hackers and fraudsters are able to use generative AI tools to make it really mirror one from the website, and they can do it with just a click of a mouse,” he said.
CTV News Ottawa reported in August about a Gatineau, Que. woman who fell victim to a phone scam that resulted in the loss of $12,000. The woman received a phone call from someone claiming to be Amazon, alleging that her credit card had been used for a fraudulent purchase.
Similar frauds to this are becoming more common, especially during Prime Days.
“What I tell people is to use the app when possible, and when using a browser, double-check the URL at the top. Make sure it says Amazon or Amazon.ca and look for the little padlock. If the padlock is not there, don’t use that site,” he said.
Kotak also suggests not clicking external links to get to Amazon’s website. It is more secure to go to the real website and enter your credentials through there. He also suggests enabling two-factor authentication and to avoid recycling passwords.
Kotak says the scams are becoming “much more sophisticated” and that it’s important to do your due diligence before making any purchases.
“Go through the app or the website, validate and verify, because it’s very easy to get scammed by one of these hackers,” he said.
“A lot of these high-tech crimes have very low-tech solutions.”
Amazon reported nearly half of the impersonation scams reported to the company in August 2024 worldwide were false messages from scammers alerting you about a fraudulent order that doesn’t exist.
“In addition to Amazon’s resources like the Message Center, please check your bank account to spot any unusual activity before clicking on links or sharing information over the phone. Report a scam using Amazon’s self-reporting tool or contact Customer Service to report anything suspicious,” the company says on its website.
This article was first reported by CTV News