By: Omer Dembinsky, Group Manager, Research & Threat Intelligence at Check Point Software Technologies.
Ahead of this year’s Amazon Prime Day 2025 on July 8th, shoppers worldwide are preparing their wish lists. So are cyber criminals. Phishing attacks are already targeting innocent shoppers. In June alone, over 1,000 new domains with names resembling Amazon appeared online. Alarmingly, 87% of these have already been flagged as malicious or suspicious. Many of the domains include the term “Amazon Prime”, with one in every 81 of the risky domains containing this phrase.
Why Domain Spam and Phishing Surge Ahead of Prime Day
High-stakes shopping events like Prime Day are magnets for online fraud. Cyber criminals ramp up their efforts using two primary tactics:
- Fake domains: Websites designed to imitate Amazon’s login or checkout pages.
- Phishing emails: Messages crafted to create urgency like “refund errors” or “account issues,” luring victims into clicking malicious links.
The fake domains, which try to masquerade as authentic Amazon portals, aim to steal login credentials and personal information. A successful attack can lead to unauthorized purchases, identity theft, or gift card abuse.
For example, Amazon02atonline51[.]online is a newly registered fraudulent site designed to mimic the Amazon Sign-in page. In reality, this is a phishing site that targets German customers.
Another newly registered fraudulent domain, amazon-2025[.]top, mimics Amazon’s login page to collects users’ login credentials.
Real-World Phishing in Action
Recently, Check Point Research intercepted a phishing campaign spoofing Amazon. One email used the subject line “Refund Due – Amazon System Error” with the sender’s email address spoofed to appear as if from “Amazon, tricking recipients into clicking a link to “update their address.” The link led to a fraudulent Amazon login page created to harvest the user’s credentials.
Phishing Email –
Refund Due – Amazon System Error
How to Stay Safe This Prime Day
With Prime Day fast approaching, shoppers can take the following steps to protect themselves:
- Verify URLs – Many malicious domains closely mimic Amazon’s real URL. Look out for extra characters, odd domain endings (like .top or .online), or hyphenated brand names.
- Avoid Email Links – If you receive an email about your Amazon account, don’t click links. Instead, open your browser and go directly to www.amazon.com or use the official Amazon app.
- Check for HTTPS and the Padlock Icon – Make sure any website you enter personal information on uses HTTPS. Look for the padlock in the address bar, though remember that even some malicious sites can fake this, so always double-check the URL itself.
- Use Strong, Unique Passwords and Enable Two-Factor Authentication – Use a password manager to generate and store strong passwords and enable 2FA on your Amazon account to reduce the risk of account takeover.
- Watch for Urgency or Pressure Tactics – Scammers often try to panic you into acting fast. Be wary of any message that tells you your account will be suspended unless you act immediately.
- Be Skeptical of Unrealistic Deals – If an offer looks too good to be true, especially outside Amazon’s official site, it probably is. Luxury goods or electronics at extreme discounts are a common bait.
- Use Safe Payment Methods – Whenever possible, use secure and traceable payment options, such as virtual credit cards or payment apps, which add layers of protection and are easier to dispute in the case of fraud.
Final Takeaways
Prime Day is a great opportunity to snag deals, but it’s also a favorite time for cyber criminals to launch scams. Awareness and vigilance are key to protection.
Here’s a quick recap:
- Plan your purchases and go directly to Amazon’s website or app.
- Avoid clicking links in emails claiming to be from Amazon.
- Check URLs and don’t trust offers that seem suspiciously good.
- Use strong passwords, enable two-factor authentication, and consider safe payment options.
- Slow down if you receive a message that tries to pressure you into fast action.
Shop smart. Stay alert. Don’t let cyber criminals make you their next target.
