Home Ministry Tech Leaders Amazon Cyber Security Starts With YOU

Amazon Cyber Security Starts With YOU

Photo credit: Christian Wiediger / Unsplash

When you think of the Amazon rainforest what words immediately come to mind? Perhaps words such as “tropical”, “lush”, “wet”, and how about “dangerous”?  After all, the Amazon is home to the jaguar, (with its fierce ability to stalk and ambush prey), the green anaconda (arguably the largest snake in the world), deadly poison dart frogs, blood-thirsty piranhas, and many more fascinating but can-be-malicious species of plants and animal.  But be advised (warned) today that the Amazon rainforest might not be the only dangerous Amazon site with deadly things lurking. Amazon.com is currently ranked number #1 as the most popular website in the ecommerce & shopping category, as of July 2023. It is estimated that non-Amazon Prime members spend an average of $38 per month, while subscription members spend an average of $110 per month on this (Amazon) website. Cybercriminals are not unintelligent about this data, and have taken note of the (web) address where so many people (and their information and money) hang out. That means users need to be aware of the need for Amazon cyber security.

Amazon Cyber Security Starts With YOU

Amazon’s popularity and substantial financial transactions provide cyber criminals with the motivation for continuous creation of new scams, utilizing sophisticated technologies to trick users by impersonating popular retailers (such as Amazon).

Impersonation comes in many forms, but a popular (because of its effectiveness) method utilized by hackers continues to be through email. The Thirtyseven4 EDR Security ThreatLab has recently observed a significant spike in fraudulent Amazon emails, most of which are crafted to create a sense of urgency to spark immediate reaction.

Amazon Cyber Security in Your Email Inbox

Examples include:

Subject: [Important] Your account will be disabled.
Body: Open The attached files to see the further details of your case. [random case number]

Subject: [Amazon.com] Attention Needed: Suspicious login activity detected recently,
Body: Please review your login security attachment.

Subject: [Urgent] Please confirm your shipping confirmation
Body: Purchase receipt attached.

In each case, clicking on the embedded button or opening the attached PDF will prompt the user to enter their Amazon login credentials into a bogus phishing site.  The cybercriminal can then sell your valuable data, purchase additional items on your behalf or use (your) credentials to potentially hack into other ecommerce sites that may rely on the same passwords. 80% of cyberattacks now leverage stolen or compromised credentials.