Amazon warns of major Black Friday impersonation scam targeting millions of users
As the holiday shopping season approaches, Amazon has issued a crucial warning to its more than 300 million active customers about a rising impersonation scam designed to deceive shoppers and steal sensitive information. According to a report from the Asbury Park Press, this scam has intensified as consumers flock online for Black Friday and other holiday deals. Cybercriminals are employing various tactics, including fake notifications, malicious links, and fraudulent websites, to trick users into disclosing personal and financial details, including their Amazon account credentials.
In a November 24 email obtained by Forbes, Amazon cautioned that these scammers are specifically targeting its user base, urging customers to be wary of communications that may seem legitimate but are actually attempts to harvest sensitive information. The report highlights that the scam often involves browser notifications generated through compromised or malicious websites, a method that has become increasingly prevalent in the digital landscape. FortiGuard Labs has noted a staggering increase in the number of malicious holiday-themed domains, with over 700 new sites registered in the last three months alone, many featuring enticing keywords like “Christmas,” “Black Friday,” and “Flash Sale” to attract unsuspecting shoppers.
These fraudulent sites are being utilized for a range of deceptive practices, including sending fake delivery notifications, promoting unbelievable deals through social media, and soliciting payment or account information via unofficial channels. With the urgency of Black Friday shopping underway, Amazon emphasizes that vigilance is the best defense against these scams. Customers are encouraged to verify the authenticity of any communication they receive and to remain cautious when clicking on links or providing personal information online. As the holiday season continues, it is essential for shoppers to stay informed and protect themselves from potential cyber threats.
Amazon is alerting its more than 300 million active customers to a widespread impersonation scam ramping up during the holiday shopping season. According to
new reporting from the Asbury Park Press
, the scheme employs fake notifications, malicious links, and fraudulent websites to deceive shoppers into divulging sensitive information, such as financial details or Amazon account credentials.
SEE ALSO:
Social media companies to be held liable for financial scams under new EU rules
As the outlet explains,
Amazon
described the fraud in a Nov. 24 email
obtained by Forbes
, warning that cybercriminals are “targeting Amazon users by reaching out to try and get access to sensitive information like personal or financial information, or Amazon account details.” The scam relies heavily on browser notifications pushed through compromised or malicious websites — a tactic that has become increasingly common as shoppers flood the internet in search of
Black Friday
and holiday deals.
The scale of the problem is significant. The Asbury Park Press cites data from FortiGuard Labs, showing that more than 700 malicious holiday-themed domains have been registered in the last three months, many using keywords such asÂ
“Christmas
,”Â
“Black Friday
,” andÂ
“Flash Sale”
to lure unsuspecting shoppers. These sites are being used to launch a variety of scam attempts, including:
Fake delivery or “account issue” messages
Too-good-to-be-true third-party deals advertised on social media
Requests for payment or account information through unofficial channels
With
Black Friday deals
in full swing, Amazon says staying vigilant is the best defense.
