Amazon, the global retail-giant which has managed to keep growing in the middle of a pandemic, was forced to delay its much-awaited “Prime Day” event this year, in light of COVID-19.
The event, where customers get to purchase products with heavy discounts and attractive offers for 48 hours, is usually held in the month of July worldwide. It is a major opportunity for Amazon and its partner retailers to accumulate as much revenue as possible.
At the same time, the fall and winter months of each year are also full of sales in brick and mortar stores and e-retailers alike, due to what is generally known as the festive season in many parts of the world.
This festive season is perhaps even more intense in a country like India, where festivals of different faiths and communities occur around the same time, and purchasing new things and exchanging gifts during this time is considered auspicious along with being a popular act of celebration.
As India has grown as an economy, e-retail giants’ penetration in the market has also increased, making it the fastest-growing e-commerce market in the world.
And to make the most of this festive season, Amazon and Walmart owned Flipkart has been holding week-long sales in the month of October every year to attract as many consumers and generate as much revenue as possible.
However, this time, as India is once again gearing up for the festive season sales, which are set to begin next week, Amazon, one of the most popular e-retail websites in India, is also holding a delayed “Prime Day” in other countries, which will begin on the 13th of October.
Amazon Sale Season: An Opportunity Hackers Have Been Awaiting
Just as Prime Day and festival sales will be an opportunity for customers to sweep up products at the best possible prices, it will also be an opportunity for cybercriminals to extort money and personal information from unsuspecting users.
Two reports, one from Check Point Research and another from Bolster Research, have revealed that hackers are prepared to exploit the upcoming sale events to put internet users’ security at risk once again.
According to Check Point, the number of registered domains containing the keywords “Amazon” have increased by 21% in the past 30 days, as compared to the month before. More than 28% of these domains were malicious and another 10% were suspicious. Check Point has further reported that the number of domains registered containing keywords “Amazon” and “Prime” has doubled in the last 30 days, with 20% of those domains being malicious.
Bolster Research came up with similar findings reporting an increase in web pages that have similar layouts and logos to Amazon’s website.
Both firms believe that this increase in Amazon replicas and impostors is to collect sensitive personal information from users such as bank details, email addresses, home addresses, phone numbers, etc. They have also specifically warned against entering debit card details even on the official website to lower the possibility of a direct debit from people’s bank accounts.
The firms anticipate that traffic towards these malicious domains will be generated by sending promotional links to consumers via different channels such as emails, posts on social media, etc.
Reports of such phishing scams happening have already surfaced in the UK, where almost 270 Amazon users informed Action Fraud UK of receiving convincing-looking Amazon scam alerts. Following this, Action Fraud UK and Amazon UK have issued a warning and guidelines for all customers regarding the same.
Some Best Practises to Keep in Mind
The first tip that both Check Point and Bolster Research have endorsed is to examine and read URLs carefully. Small differences like a “.co” instead of “.com” or a longer URL containing “.com” in the beginning but actually ending in a different domain address might end up costing users more than they signed up for.
Small differences in the website’s layout could also be powerful indicators. While these sites are designed to replicate Amazon as much as possible, they cannot be a true likeness. Any discrepancies should be taken seriously and customers are urged to exit the site whenever such a case arises.
However, the most straight-forward safety measure is to start shopping at Amazon’s website or app itself, without using external links to reach the destination in the first place. Amazon promotes its best deals on the home page at any given time and this strategy becomes even more aggressive during yearly sales.
Another rule of thumb to internalize this sale season is to not fall for any deals that you feel are “too good to be true”. While Amazon does have massive discounts during this time, they also need to earn revenue and increase profits, as well as ensure their sellers are satisfied, thus, if a product known for its quality is being offered at, say, a 70-80% discount, it is likely that the link will not lead you to a good place.
Additionally, people should change their passwords ahead of the sales and ensure that it is a strong one, i.e., one that is sufficiently long, contains upper case and lower case alphabets, special characters, and numbers.
Customers are also advised against entering any new or unnecessary information while shopping. Making a purchase typically requires one’s name, phone number, shipping address, and payment details. Having to provide any more than this is a red flag. a good antidote might be to save all the details you will be using to make a purchase into your Amazon account before hand.
Lastly, customers should ensure they access the site via a safe or trusted network such as their home or office WiFi. Using public networks could render one vulnerable.
eCommerce Giants On Target?
E-commerce giants make up for an overwhelming share of the market. They overpower their competitors and independent small and medium businesses by leagues by being a one-stop-shop for every conceivable product one might be looking for.
Due to the pandemic, this foothold has strengthened even further, with people adopting online shopping more than ever before. 49% of customers have admitted to an increase in their online shopping activity as compared to pre-pandemic times. In the US, Amazon has already made sales crossing the $2 billion mark 130 times this year, as compared to only 2 such days in 2019, excluding the festival season. Thus, the frequency and the penetration of e-retail has increased and has thus made such websites’ databases one of the most desirable troves of sensitive information for cybercriminals.
A Blow For Festive Season Sales in India?
While no specific reports or warnings have been issued from the side of Amazon and Flipkart in India yet, it will be in everyone’s best interest to tread with caution and follow the tips mentioned above.
These precautions should also be taken while shopping at other websites in light of a recent breach in Magento, a cloud system used by many e-retailers to store business information. Many Indian stores were among the websites hacked.
The Amazon and Flipkart sales are the biggest e-retail events in India and both platforms combined sold items worth $3 billion during the 2019 festive season, breaking their records for all previous years.
Just like online shoppers, hackers are also excited about this festival season anticipating big gains. In a bid to make the most of Amazon Great Indian Festival or Flipkart Big Billion Day, don’t end up falling prey to hackers.