Amazon-related phishing sites approach 900 on Amazon Prime Day

Amazon’s annual Prime Day event is already in motion, which is one of the most profitable days for Amazon, together with Black Friday, Cyber Monday, and the holiday season. At the same time, it’s one of the most opportune moments for criminals to dupe consumers into visiting fake sites, which can look nearly identical to the real ones. Fraudsters can even use Google Ads to rank well in Google searches.

According to data presented by Atlas VPN, Amazon is the most impersonated retail brand in phishing websites, with over 1,633 suspicious sites detected in the last 90 days.

Notably, some of those sites have already been taken down, either by scammers themselves or by various security measures. However, as of July 12, as many as 897 websites are still live. 

The data for the research was extracted from CheckPhish, a phishing and fraud site scanner, which uses deep learning, computer vision, and NLP to simulate how a person would examine, comprehend, and reach a verdict on a suspicious website.

The following most imitated retail brand is Walmart, with 427 phishing sites detected in the last 90 days, out of which 109 are still up and running on July 12, 2022. 

Alibaba, one of the largest e-commerce companies globally, is the third most mimicked brand in phishing websites, with 398 detections in the last 90 days, out of which nearly half - 174 are still live.  

Interestingly, UGG, an American footwear company, is the fourth most impersonated retailer. The site scanner detected 98 suspicious websites using the UGG brand name. Only 6 of those sites have been taken down so far. 

Target is fifth on the list, and that is no surprise since it’s one of the largest corporations in the US. As many as 75 websites mimicking Target were detected since April 13, 2022. Today, 46 of those sites are still accessible. 

The biggest sports brand in the world - Nike, also makes a list, with 49 suspicious sites identified, out of which only 1 ceased its activity. 

Finally, The Home Depot, another US corporate giant, closes off the list of the most impersonated retail brands. This retailer was imitated on 31 websites, with 26 of them still accessible online as of July 12, 2022.  

How to detect dubious websites

With Amazon Prime day in play, it’s much easier for cybercriminals to mix in their emails and ad’s among thousands of legitimate ones. Criminals can also exploit legitimate Amazon features. So, be careful.

Consumers should be especially wary of dubious sites in the upcoming days. Atlas VPN shares some of the most important tips on how to recognize phishing websites.

• Please pay attention to Google Ads because scammers might use them to rank well in Google searches.
• Check the website’s URL (address); leave immediately if it contains mistakes or strange symbols. Fraudsters might use alphabets with similar-looking letters representing the authentic website, so make sure to scrutinize the URL.
• Grammar and spelling issues should be an immediate red flag, so keep an eye out for them. Scammers hardly ever employ expert writers to proofread the content of their copycat website.