Researchers Uncover Scams Targeting Amazon Prime Day

Mary Lou Roberts talks about "phishing kits" and more...

Scams that target online shoppers are not new. Both Netflix and Apple’s App Store have been recent subjects of a particular type of scam. Now that type of scam is expected to be widely deployed during Amazon’s Prime Days, July 15 and 16.

In late 2018 security firm McAfee discovered a so-called “phishing kit” called 16Shop. It’s simply a set of technical instructions for setting up a phishing scam that closely mirrors activities of a legitimate retailer, including using that retailer’s identity. It appeared to be the technique that was used against Apple and Netflix and tech firms expect it to be used for Amazon’s Prime Days.

The email looks legitimate, the URL looks legitimate at first glance, but the dead give-away is that it contains a PDF attachment. The PDF may purport to be a receipt, but it is actually a request for information that will give up details about your Amazon account and other personal information.

Look at it this way—when has Amazon ever emailed you except to send information for a completed order unless you subscribe to a specific email program like Deals of the Day or Kindle Unlimited? Two days ahead of Prime Days I am getting emails about anticipated Prime Day specials but they are from tech sites that I visit frequently. I’m in the mood not to even click on those email links. I can always go directly to the site and look for the article there.

One check if you use Gmail is to click on the downward arrow next to the sender’s name in your email; that gives detail on the account that sent the email. Spotting a fake URL is harder because they are set up to look realistic. That detail revealed by the downward arrow includes the sender, which is likely to be an email services firm, and who signed the email, which is more revealing. As a further check you can copy the URL into your browser and see whether it appears to lead to a valid website. If you don’t use Gmail, there is a message header that gives similar information. Search ‘message header Outlook (or other email)’ for instructions on how to find it.

This blog post from McAfee shows what the email and the accompanying PDF look like. The article from Wired magazine explains how the Apple scam played out from the user’s perspective.

Be safe rather than sorry. Enjoy your shopping, but go directly to Amazon to do it. Don’t open PDFs or follow any links from anyone, no matter how good the offer or how valid it looks!


CapeCodToday.com welcomes thoughtful comments and the varied opinions of our readers. We are in no way obligated to post or allow comments that our moderators deem inappropriate. We reserve the right to delete comments we perceive as profane, vulgar, threatening, offensive, racially-biased, homophobic, slanderous, hateful or just plain rude. Commenters may not attack or insult other commenters, readers or writers. Commenters who persist in posting inappropriate comments will be banned from commenting on CapeCodToday.com.