Investigators concluded that nearly half (46%) of the domains are malicious; another 32% are deemed suspicious. One of the most common tactics malicious actors use to mislead Prime Day shoppers is phishing. CPR said threat actors are becoming more “creative and innovative” with their attempts to lure unsuspecting shoppers into their lair. A phishing attack involves luring victims to click on what seems like a trusted, legitimate, familiar source, but behind all the smoke and mirrors is a cybercriminal baiting Prime shoppers to give up sensitive information (e.g. passwords ad payment information). “Typically, the emails the victim receives appear to come from a known contact or organization. Attacks are carried out through malicious attachments or links to malicious websites,” CPR said.
How to steer clear of cybercriminals during Prime Day
- Laptop Mag will never lead you astray. We will be keeping an eye out for the best Prime Day 2021 deals on tech, including laptops, phones, earbuds, game systems and more. Stick by us and we’ll help you navigate Prime Day safely.
- Look for the lock. CPR investigators say that shoppers should avoid typing their payment details on websites without the secure sockets layer (SSL) encryption. To find out if a site has SSL, look out for the “S” in HTTPS (instead of HTTP). You should also look for a padlock icon on the address bar.
- Stick to credit cards. Using your debit card for Prime Day puts you at higher risk if someone hacks your information. Credit cards, on the other hand, offer more protection and less liability.