The first day of the Amazon this week has led to a sharp increase in phishing attacks, according to Threatpost and numerous other media reports. Buyers were excited by the incredible offers and discounts found during the two days of the sale, with the bad actors waiting to enjoy the excitement.
SlashNext Threat Labs analyzes daily internet transactions of 1B and 7M sites with virtual browsers. We’ve seen hundreds of malicious Amazon phishing sites aimed at exploiting Amazon premium customers. These phishing attacks include identity theft (screens 1 and 2), software scams and gift certificate fraud (screen 3). While SlashNext customers were protected against these phishing attacks, many other antifishing and antivirus services were unable to detect these threats (screen 4).
Screen 1 and 2
Screen 3
Screen 4
Motivation of a hacker – usually money, information theft and blackmail
There is a long list of tactics, techniques and procedures (TTP) that attackers use for phishing, but their motivation is usually money, information theft and blackmail. It is difficult to estimate how many thousands of users are involved and victims have no idea that they have done something wrong until the fraud is discovered or something else happens. This may be credit card fraud, which is discovered when unauthorized charges appear on your credit card statement. Or it can be even more disgusting when stolen ID cards are sold on the black web or used by government actors such as Russia or China to create backdoors. The main cause of major offenses such as Home Depot, Marriott and Nintendo is phishing. Although the first day is mainly a consumer event, in reality our private and professional lives merge into one another. Many of us use the same device for both, forcing companies to decide how to stop phishing attacks in their area during these big workdays.
Malicious players use AI and automation to launch advanced phishing attacks, that’s why it’s so important to stop phishing before it happens. However, most companies do not have a global solution that includes all phishing vectors, so there are still gaps. SlashNext provides the most comprehensive protection against attacks on business and personal emails, SMS, social networks, messaging and collaboration platforms by detecting account theft, unauthorized browser extensions, etc.
The patented SlashNext AI technology controls billions of URLs at the speed of the cloud over an extensive data collection network to overcome complex bypass techniques. SlashNext identifies phishing sites, even on infected websites and legitimate infrastructures, using natural language processing, computer vision, and behavioral analysis. SlashNext AI phishing protection for PC and MAC comes as a simple add-on for all major desktop browsers (Chrome, Firefox, Safari and Edge) and can be managed via EMU or SSO solutions for easy installation and management by users.
Protect yourself and your team today with a free and easy-to-implement 14-day trial.
*** This is the syndicated Security Bloggers Network blog by SlashNext, written by Lisa O’Reilly. The original message can be found at the following address: https://www.slashnext.com/blog/hundreds-of-live-phishing-sites-menacing-amazon-prime-day-shoppers/.amazon prime membership offer,amazon prime benefits,amazon prime membership cost,amazon prime membership fee
