Malicious domains

Prime Day: Beware of fake Amazon websites

09.07.2024 11:04

As part of its Prime Day, Amazon is once again enticing customers with numerous offers and promotions on July 16 and 17. Last year, more than 375 million items were sold worldwide on the bargain days. This attracts fraudsters who try to lure consumers to fake websites. 

The IT security provider Check Point Software warned of this in a press release on Tuesday. According to the report, more than 1230 new Amazon-related domains were registered in June, 85 percent of which were classified as "malicious" or "suspicious" after closer analysis. One of 80 new Amazon domains classified in this way contained the term "Amazon Prime".

The company cites the following domains as specific examples of malicious and fake Amazon websites:

  • amazon-onboarding[.]com is a newly registered fraudulent website designed as a phishing site pretending to be Amazon. It specifically targets airline login credentials.
  • amazonmxc[.]store is a fake Amazon Mexico website designed as a replica of It has a profile login button in the upper right corner that, when clicked, requests users' credentials.
  • amazonindo[.]com is a fraudulent Amazon website. In the upper right corner is a profile login/registration button that collects the user's credentials.

Other domains with malicious code include the following:

  • shopamazon2[.]com
  • microsoft-amazon[.]store
  • amazonapp[.]nl
  • shopamazon3[.]com
  • amazon-billing[.]top
  • amazonshop1[.]com
  • fedexamazonus[.]top
  • amazonupdator[.]com
  • amazon-in[.]net
  • espaces-amazon-fr[.]com
  • usiamazon[.]com
  • amazonhafs[.]buzz
  • usps-amazon-us[.]top
  • amazon-entrega[.]info
  • amazon-vip[.]xyz
  • paqueta-amazon[.]com
  • connect-amazon[.]com
  • user-amazon-id[.]com
  • amazon762[.]cc
  • amazoneuroslr[.]com
  • amazonw-dwfawpapf[.]top
  • amazonprimevidéo[.]com

How you can protect yourself
The security researchers have compiled the following seven practical security and protection tips to help consumers protect themselves when shopping online:

  1. Check URLs carefully: Look out for spelling mistakes or websites that use a different top-level domain (e.g. .co instead of .com). These fake websites look trustworthy but are designed to steal data.
  2. Create secure passwords: Before Prime Day, create a strong and hard-to-crack Amazon account password to ensure account protection.
  3. Pay attention to HTTPS: Ensure the website URL begins with https:// and contains a padlock symbol indicating a secure connection.
  4. Limit personal information: Do not give unnecessary personal information such as date of birth or social security number to online retailers.
  5. Bewareof emails: phishing attacks often use intrusive language to get people to click on links or download attachments. Always check the source.
  6. Be skeptical of unrealistic offers: If an offer sounds too good to be true, it probably is. Trust your instincts and avoid dubious offers.
  7. Use credit cards: When shopping online, use credit cards rather than debit cards as they are better protected and carry less liability in the event of theft.

This article has been automatically translated,
read the original article here.
00:00 / 00:00
1.0x Geschwindigkeit
Eingeloggt als 
Nicht der richtige User? Logout

Willkommen in unserer Community! Eingehende Beiträge werden geprüft und anschließend veröffentlicht. Bitte achten Sie auf Einhaltung unserer Netiquette und AGB. Für ausführliche Diskussionen steht Ihnen ebenso das zur Verfügung. Hier können Sie das Community-Team via unserer Melde- und Abhilfestelle kontaktieren.

User-Beiträge geben nicht notwendigerweise die Meinung des Betreibers/der Redaktion bzw. von Krone Multimedia (KMM) wieder. In diesem Sinne distanziert sich die Redaktion/der Betreiber von den Inhalten in diesem Diskussionsforum. KMM behält sich insbesondere vor, gegen geltendes Recht verstoßende, den guten Sitten oder der Netiquette widersprechende bzw. dem Ansehen von KMM zuwiderlaufende Beiträge zu löschen, diesbezüglichen Schadenersatz gegenüber dem betreffenden User geltend zu machen, die Nutzer-Daten zu Zwecken der Rechtsverfolgung zu verwenden und strafrechtlich relevante Beiträge zur Anzeige zu bringen (siehe auch AGB). Hier können Sie das Community-Team via unserer Melde- und Abhilfestelle kontaktieren.

Kostenlose Spiele