- Suleman

Protect Yourself from Amazon Phishing Scams in 2024
Amazon Phishing Scams: A Rising Threat in 2024
In 2024, cybercriminals are increasingly leveraging Amazon phishing scams to deceive users by impersonating the popular e-commerce platform. Phishing attacks involving fake account alerts or delivery issues are becoming more sophisticated, now utilizing text messages (smishing) and malicious links to steal sensitive data.
Threat actors like Chenlun, previously known for USPS-themed phishing, have now shifted to Amazon-focused campaigns. This new wave of attacks includes bogus notifications about suspicious activity, luring recipients to confirm account details through fraudulent login pages.
How Chenlun's Phishing Techniques Have Evolved
Chenlun’s phishing tactics reveal a significant evolution. Last year, campaigns mimicked USPS alerts, while now the focus has shifted to brands like Amazon. A critical part of this transformation involves domain generation algorithms (DGAs), which automatically create new web addresses to evade detection.
- Infrastructure Change: Unlike previous efforts that relied on domains mimicking USPS, recent phishing domains are registered using NameSilo and DNSOwl services.
- Improved Obfuscation: Attackers now use simple yet random domain structures, making it more difficult for cybersecurity tools to blacklist these domains.
Chenlun’s campaign also involves aliases such as “Matt Kikabi,” linked to over 700 active domains.
Warning Signs of an Amazon Phishing Scam
- Suspicious Account Activity Alerts: Scammers send texts claiming unusual activity, urging users to log in using fake links.
- Delivery Confirmation Requests: Fraudulent delivery notifications redirect to phishing sites mimicking Amazon’s login pages.
- Misspelled Domains or URLs: Watch for subtle changes in domain names, such as replacing “amazon.com” with misleading look-alikes.
- Urgency in Messages: Attackers rush users into clicking before they stop to think the message through.

Best Practices to Stay Safe
- Verify URLs: Always type Amazon’s web address directly rather than clicking links from suspicious messages.
- Use Multi-Factor Authentication (MFA): Enable MFA to add an extra layer of security to your accounts.
- Monitor Domain Patterns: Security teams should track newly registered domains associated with trusted brands.
- Report Phishing Attempts: Amazon has a reporting system for scam emails or messages sent in its name.
- Collaborate on Threat Intelligence: Sharing data with cybersecurity organizations can help identify and block phishing threats faster.
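One way a security team could act on the "Monitor Domain Patterns" advice and the misspelled-domain warning sign above is to triage a feed of newly registered domains. This is an added example, not code from the article or from any vendor; the record field names, the thresholds and the `.example` sample domains are assumptions constructed for illustration.

```python
import math
from collections import Counter

BRAND = "amazon"
OFFICIAL = ("amazon.com",)  # assumption: extend with the brand's real domains
WATCHED_INFRA = ("namesilo", "dnsowl")  # registration services named in the article
HOMOGLYPHS = str.maketrans("01345", "oleas")  # common digit-for-letter swaps

def edit_distance(a, b):  # Levenshtein distance with one rolling row
    row = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        prev, row[0] = row[0], i
        for j, cb in enumerate(b, 1):
            prev, row[j] = row[j], min(row[j] + 1, row[j - 1] + 1, prev + (ca != cb))
    return row[-1]

def looks_random(label):  # long, high-entropy, vowel-poor: typical of generated names
    entropy = -sum(n / len(label) * math.log2(n / len(label)) for n in Counter(label).values())
    vowel_poor = sum(c in "aeiou" for c in label) < 0.25 * len(label)
    return len(label) >= 8 and entropy >= 3.0 and vowel_poor

def triage(record):
    """Return reasons for analyst review; registrar or name-server hits only corroborate."""
    domain = record["domain"].lower().rstrip(".")
    if domain in OFFICIAL or domain.endswith(tuple("." + d for d in OFFICIAL)):
        return []
    reasons = set()
    for label in domain.split(".")[:-1]:  # every label except the TLD
        if looks_random(label):
            reasons.add("random-label")
        for raw in label.replace("_", "-").split("-"):
            token = raw.translate(HOMOGLYPHS)
            if token == BRAND:
                reasons.add("brand-token" if raw == BRAND else "homoglyph")
            elif len(token) >= 5 and edit_distance(token, BRAND) == 1:
                reasons.add("typo")
    infra = " ".join([record.get("registrar", ""), *record.get("nameservers", [])]).lower()
    if reasons and any(name in infra for name in WATCHED_INFRA):
        reasons.add("watched-infra")
    return sorted(reasons)

FEED = [  # constructed records, not real indicators; field names are assumptions
    {"domain": "amaz0n-verify.example", "registrar": "NameSilo", "nameservers": ["ns1.dnsowl.example"]},
    {"domain": "amazn-delivery.example", "registrar": "Example Registrar"},
    {"domain": "xkqzvbtrwp.example", "registrar": "NameSilo"},
    {"domain": "gardening-tips.example", "registrar": "NameSilo"},
]
for rec in FEED:
    print(rec["domain"], triage(rec))
```

The last sample record shows why the registrar is treated only as corroboration: an unremarkable name registered through a watched service produces no finding.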
Conclusion
The rise of Amazon phishing scams highlights the need for heightened vigilance and proactive security measures. As threat actors like Chenlun refine their tactics, including the use of DGA domains and smishing attacks, staying informed and adopting best practices is crucial. Protecting against these scams requires continuous monitoring, the use of MFA, and collaboration with security experts to stay ahead of evolving threats.
FAQs
Phishing scams impersonate Amazon through fake messages, urging users to click malicious links or provide sensitive information.
Avoid clicking on links. Verify the message directly by logging into your Amazon account through the official site.
Smishing allows attackers to reach targets directly via text, bypassing email security filters.
MFA requires a second form of verification, making it harder for attackers to access accounts with just a password.
Recent research shows attackers favor NameSilo and DNSOwl services to register phishing domains.
