Due to supply chain concerns during this pandemic, holiday shopping is starting earlier this year and many people are stocking up, particularly with Amazon's Black Friday approaching fast.
For attackers, this is also an opportunity to impersonate purchase alerts and steal financial data.
This type of attack works by spoofing an Amazon order confirmation, complete with authentic Amazon URLs, and pressuring the recipient to cancel the order over the phone.
According to TechRadar, a new attack in which the attackers spoof a normal Amazon order confirmation is running rampant in October 2021.
In this attack brief, Avanan, a Check Point company, examines its most recent discovery of this new Amazon spoof attack, which targets end-users across all roles and sectors.
Amazon Black Friday Scam
The Amazon Black Friday scam currently hitting Amazon users arrives by email.
The email received is intended to get the recipient to call and provide credit card information.
It begins with what appears to be a standard Amazon order confirmation. Because of the hefty price, the user is likely to check their account.
When users click on the links, they are taken to the genuine Amazon website.
The phone number in the email, however, is not an Amazon phone number. Although it has a South Carolina area code, the attackers are often calling from India.
When you dial the number, no one answers at first.
A callback comes a few hours later. The person on the other end of the line says they need a credit card number and CVV number to cancel the invoice.
How The Amazon Scams Happen
Because the links are legitimate Amazon links, this attack gets past typical email security scanners: the email passes a check against an Allow List.
When Avanan compiled the figures for its 1H 2021 Cyber Attack Report, it found that 8.14% of phishing emails reached users' inboxes because of a misconfigured allow or block list.
This is up 5.3% from the previous year's Global Phish Report.
The problem is worse with some security solutions: Avanan found that 15.4% of email attacks were on an Allow List at organizations sitting behind a Secure Email Gateway (SEG).
Furthermore, this technique lends itself to additional attacks. The fraud relies on "phone number harvesting," which collects the victim's phone number through the caller ID feature rather than harvesting credentials for online logins.
Once the attackers have the phone number, they can carry out a succession of further attacks by text message or phone call.
A single successful attack can set off a chain reaction of dozens of others.
Practices To Prevent Amazon Black Friday Scam
Security professionals can take the following steps to protect themselves against these attacks:
Encourage end-users to check the email's sender address.
End-users should be encouraged to monitor their Amazon accounts. They will find that the order in the email does not appear in their account.
Allow Lists should not include prominent corporations, as they are the most frequently impersonated. According to Check Point Research, Amazon is the second most imitated brand.
Encourage users to avoid dialing unknown numbers.
Implement a multi-tiered security architecture that weighs several factors, rather than a single Allow List match, when deciding whether to block an email.
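As an added example, not Avanan's or Check Point's code and not part of the original brief, the following Python script applies several of these checks to a constructed spoofed order confirmation and to a constructed genuine one. It scores the sender domain, the presence of a phone number in what claims to be an order confirmation, and pressure language, and it deliberately does not treat a genuine amazon.com link as a clean signal, since that is exactly what lets this lure through an Allow List. The set of accepted sender domains, the two sample messages and the (fictional 555) phone number are assumptions constructed for the demo.

```python
"""Callback-phishing triage for a suspected fake order confirmation.

Added example, not Avanan's or Check Point's code. It scores an email on
several independent signals instead of trusting a single Allow List match on
a link domain. KNOWN_SENDER_DOMAINS is an assumption for the demo, not a
verified list of the brand's mail domains.
"""
import re
from email import message_from_string
from email.message import Message
from email.utils import parseaddr

# ASSUMPTION: domains we would accept as genuine senders for this brand.
KNOWN_SENDER_DOMAINS = {"amazon.com"}

# North American phone numbers: optional +1, 3-digit area code, 3 + 4 digits.
PHONE_RE = re.compile(r"(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}")
URL_RE = re.compile(r"https?://([A-Za-z0-9.-]+)", re.IGNORECASE)
# Words typical of a "cancel by phone" lure; matched as substrings.
PRESSURE_WORDS = ("cancel", "call", "within", "immediately", "cvv")


def sender_domain(msg: Message) -> str:
    """Domain part of the From: header, lower-cased ('' if absent)."""
    _, addr = parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower()


def body_text(msg: Message) -> str:
    """All text/plain content of the message, decoded."""
    if msg.is_multipart():
        parts = [p.get_payload(decode=True).decode("utf-8", "replace")
                 for p in msg.walk() if p.get_content_type() == "text/plain"]
        return "\n".join(parts)
    return msg.get_payload(decode=True).decode("utf-8", "replace")


def triage(raw: str) -> dict:
    """Return a verdict plus the individual signals it was built from."""
    msg = message_from_string(raw)
    text = body_text(msg)
    domain = sender_domain(msg)
    phones = sorted({m.group(0) for m in PHONE_RE.finditer(text)})
    link_domains = sorted({d.lower() for d in URL_RE.findall(text)})
    pressure = [w for w in PRESSURE_WORDS if w in text.lower()]

    signals = []
    if domain not in KNOWN_SENDER_DOMAINS:
        signals.append(f"sender domain {domain!r} is not a known brand domain")
    if phones:
        signals.append(f"order confirmation asks the reader to phone {phones}")
    if len(pressure) >= 2:
        signals.append(f"pressure language: {pressure}")
    # Genuine brand links are NOT counted as a clean signal: they are exactly
    # what lets this lure pass an Allow List check on link domains.
    verdict = "suspicious" if len(signals) >= 2 else "clean"
    return {"verdict": verdict, "signals": signals, "phones": phones,
            "link_domains": link_domains, "sender_domain": domain}


# Constructed sample lure: look-alike sender, genuine amazon.com link,
# fictional 555 phone number with a South Carolina area code.
LURE = """From: "Amazon.com" <orders@amazon-orders-alert.example>
To: victim@example.org
Subject: Your Amazon.com order of $1,299.99
Content-Type: text/plain; charset=utf-8

Thank you for your order. Track it at https://www.amazon.com/your-orders
If you did not place this order, call us immediately at (843) 555-0142 to cancel.
"""

# Constructed sample of a genuine-looking shipping notice for comparison.
LEGIT = """From: "Amazon.com" <ship-confirm@amazon.com>
To: victim@example.org
Subject: Your Amazon.com order has shipped
Content-Type: text/plain; charset=utf-8

Your package is on its way. Track it at https://www.amazon.com/your-orders
"""

if __name__ == "__main__":
    for name, sample in (("lure", LURE), ("legit", LEGIT)):
        result = triage(sample)
        print(name, result["verdict"], result["signals"])
```

Both messages link to www.amazon.com, so a filter that clears mail on the strength of an allow-listed link domain would pass them both; the lure is caught only because the sender domain and the phone number are weighed as separate factors.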