Look out for these messages on your phone
AFP via Getty Images
“Attacks are already surging,” targeting millions of Amazon customers. Worse, “the threat has not yet peaked,” and accounts are at risk for the next 48 hours. It is critical that you look out for messages on your PC or smartphone and check your account.
The warning comes courtesy of Darktrace,. “Amazon is the most mimicked brand, making up 80% of phishing attacks” against major companies, it says. Attacks which have already spiked 620% in November and will surge another 20 to 30% by Nov. 29.
The scale of this threat to holiday shoppers in general and Amazon customers in particular has been echoed by the latest research from Guardio. “Black Friday is no longer just a shopping day,” it warns. “It has become a hunting ground for cybercriminals armed with artificial intelligence.”
ForbesFBI Warns All Smartphone Users—Stop Answering These CallsBy Zak Doffman
Guardio points out that “Americans lost over $432 million to online shopping fraud in 2024, and experts predict 2025 will shatter that record as AI-powered attacks reach unprecedented sophistication.” Amazon is highlighted again, alongside other major brands, including Walmart, Costco, Apple, AT&T and Verizon.
The latest wave of phishing attacks use AI as never before, “which means perfect grammar, professional designs, and convincing copy that makes traditional ‘red flags’ obsolete. The old advice to ‘look for spelling errors’ or ‘check for poor formatting.’ That’s ancient history. AI has eliminated those telltale signs.”
According to Guardio, “The most common trap is the urgent account alert. You receive a text claiming your Amazon account has been ‘suspended due to suspicious activity’ or your Verizon bill ‘couldn’t be processed’ and you need to ‘verify your information immediately’ by clicking a link’.”
Amazon is working hard to combat the plague of impersonation scams that target attacks against its users, the objective being to steal user names and passwords and gain access to accounts. The answer, Amazon says, is to add a passkey to your account.
ForbesGoogle Issues VPN Warning For All Smartphone Users—Check This ListBy Zak Doffman
Amazon’s security advice is now front and center. “To securely sign in to your Amazon account you can enable a passkey to simply use your face, fingerprint, or the PIN that you use to unlock your device. Passkeys are a convenient and secure way to sign in to your Amazon account without using a password.”
And hundreds of millions of Amazon customers have already upgraded their security. Along with Google, Amazon is leading the way in passkey adoption. Add one to your account now, after which you don’t have to worry about credential stealing attacks.
“This year we’re guaranteed to see ever more sophisticated scams, primarily fueled by AI,” Keeper Security’s Anne Cutler told me. “Black Friday doesn’t need to be a hacker’s payday. A few proactive steps, coupled with an identity-first mindset, can make the difference between a money-saving bargain and a costly breach.”