Don't Open Any Amazon Prime Day Emails, Just in Case

By Melanie Ehrenkranz on at

Amazon’s made-up holiday dedicated to “epic deals” and working its warehouse workers to the bone is fast approaching, and so, apparently, are pretty convincing phishing scams disguised as emails from the tech giant.

McAfee researchers discovered an “Amazon Phishing Kit” in May of this year designed after a phishing scam that hit Apple users last year, according to a blog post from the security firm. The researchers believe the same group is behind the Amazon attack alongside another malicious actor.

The kit lets someone create an email with a PDF attachment that looks like it’s sent from Amazon. The links included in the email direct the victim to a fake Amazon log-in page. According to images posted by McAfee, they’re pretty convincing, if fairly basic as far as phishing scams go. The links directing someone to the fake log-in page are malicious, however, and the researchers wrote that any data gathered after someone clicks on the link will be sent to the creator of the kit via Telegram.

The fake Amazon login page. Image: McAfee

If someone falls for the scam and does fill in the information requested on the fake webpages, the scammer would then have their name, Amazon password (and if that password was used for other websites, access to those accounts as well), birthday, address, credit card information, and Social Security number, Wired reported.

“Cybercriminals take advantage of popular, highly visible events when consumers are expecting an increased frequency of emails, when their malicious emails can hide more easily in the clutter,” Crane Hassold, threat intelligence manager at digital fraud defence firm Agari, told Wired. “Consumers are also more conditioned to receiving marketing or advertisement emails during certain times of the year—Black Friday, Christmas, Memorial Day—and cybercriminals format their attack lures accordingly to increase the chances of success.”

While the Amazon version of the phishing scam was discovered back in May, and has already been deployed over 200 times, according to the researchers, Prime Day is a prime day to target Amazon customers salivating over some sweet deals and thus more vulnerable to clicking on links with less healthy scepticism.

Prime Day takes place July 15 and 16, so take extra caution when clicking what might be a suspicious email from the company on those days. You can always check to see if the email is sent from a legit Amazon domain, but that can be spoofed, so researchers recommend that if an email asks you to navigate to their website to fill in any personal information, you do so by manually going to the login page rather than being directed by a potentially malicious link.

You can also stick it to the man by simply not indulging in the corporately manufactured holiday, supporting grossly mistreated Amazon workers by sending those Amazon emails straight to the garbage.