Scammers won’t stop trying to take your money, and as the year kicks in for the shopping season, thieves are now trying to convince you they’re Amazon.
Will the real Amazon please stand up? Almost like a back and forth of proving who Sparticus really is, scammers are looking to convince you of their legitimacy by looking just like the real Amazon web page, and coming in time for the holiday shopping season.
With 2020’s Black Friday season kicking into gear this week, scammers are no doubt looking to con people into believing their deals are the real deal, but they may have a new trick in their arsenal: a site that looks convincingly like a real Amazon ordering form.
It’s the sort of scam that could convince anyone not paying attention to the signs and the dead giveaways, and while we’d like to hope everyone does know what to look for, the reality is that scammers know all too well people tend to act in the heat of the moment with bargains, missing the obvious telltale signs of a scam. And yet, that’s exactly the sort of thing you’ll want to pay attention to this year as you shop online, with Kaspersky flagging almost 20,000 fake Amazon websites for phishing attempts this year alone.
That’s just from Kaspersky, and just in the ten months leading up to October, with the phishing attempt essentially offering a fake version of an Amazon order form to convince people to hand over money without thinking. Amazon isn’t the only shopping website that’s been targeted, with eBay, Alibaba, and others included, making it possible that a good deal you might be considering is actually a bad deal waiting for you to hand over money on.
The good news is that while the scam webpages can look convincing upon first glance, they may actually be easy to spot thanks to the same signs as other scams.
You see making websites that look legit isn’t remarkably difficult, and while anyone can copy the design and functionality, the website URL — the web address that sits in the browser bar — isn’t something that can be scammed, and is the first place you should check whether something is legit.
“The reality is, for many people, it is hard to tell the difference between a fake and real website,” said Noushin Shabab, Senior Security Researcher for Kaspersky in Australia and New Zealand.
“It takes practise and sometimes we need an extra arm to help us tell the difference if we can’t visibly see it,” she said.
For many, that extra arm is security software, blocking malicious code from firing, and informing the user whether the site you’re at is, in fact, the real deal.
But if you don’t have a security solution — and even if you do — make sure to read the website URL and question if it’s real. Alternatively, search for that product on the website you know to be real, and see if you can find it. If Amazon had an amazing deal found only through a link you’ve been emailed, it’s likely very fake, because it would be a part of its website, not just a secret email link you’ve been sent.
And make sure to check those websites you’re looking at buying from carefully. While we’ve been told that security certificates can tell you whether a website is real, these days, it’s not quite that simple. Security padlocks won’t always inform you of authenticity these days because anyone can get a security certificate for free for their website. However the real website will need to say the real company’s name in it, and you may want to check whether the security certificate has their name on it, as well.
Ultimately, make sure whether the deal you’re receiving is legit by ensuring it’s likely. Being emailed an amazing too-good-to-be-true deal is often a sign it’s fake, and likely a scam, so be on the lookout for deals that are way too good.
“If a deal is too good to be true, it probably is,” said Shabab.
“However, the good news for consumers is that through simple precautionary measures and remaining vigilant, they can stay safe while enjoying the shopping experience.”