Hundreds of Live Phishing Sites Menacing Amazon Prime Day Shoppers

This week, Amazon Prime Day prompted a big increase in phishing attacks, as reported by Threatpost and many other media outlets. Shoppers anxiously awaited the amazing offers and discounts revealed during the two-day sale, with bad actors lying in wait to take advantage of the excitement.

SlashNext Threat Labs analyzes 1B internet transactions and 7M web pages daily using virtual browsers. We saw hundreds of malicious Amazon phishing sites designed to take advantage of Amazon Prime Day shoppers. These phishing attacks included credential stealing (Screen 1 and 2), rogue software, and gift card scams (Screen 3). While SlashNext customers were protected from these phishing attacks, many other phishing protection and anti-virus services did not detect these threats (Screen 4).

Amazon Phishing Credential-StealingAmazon-Phishing Credential-Stealing Page

Screen 1 and 2


Screen 3


Screen 4

Hackers Motivations are Usually Money, Information Theft, and Extortion
There is an extensive list of Tactics, Techniques and Procedures (TTPs) that attackers use to conduct phishing, but their motivation is usually money, information theft, and extortion. It’s difficult to assess how many thousands of users were impacted, and victims have no idea they did something wrong until the fraud is exposed or until something bigger happens. It could be credit card fraud that will be exposed when unauthorized charges appear on a credit card statement. Or it could be more nefarious with stolen credentials sold on the Dark web or used by state actors like Russia or China to create backdoors. The number one cause of the major breaches, like Home DepotMarriott, and Nintendo, is phishing. While Prime Day is mostly a consumer event, the reality is that our personal and work lives have merged. Many of us are using the same device for both, which requires businesses to address how to stop phishing from entering their environment on these big shopping days.

Bad actors are using AI and automation to launch sophisticated phishing attacks, which is why it’s so important to stop phishing before it happens. Yet, most companies do not have an end-to-end solution covering all phishing vectors, so there are still gaps. SlashNext addresses this with the broadest range of protection against attacks on corporate and personal email, SMS, social media, messaging, and collaboration platforms by detecting credential stealing, rogue browser extensions, and more.

SlashNext’s patented AI technology inspects billions of URLs at cloud speed through a broad intelligence gathering network to overcome sophisticated evasive techniques. SlashNext accurately detects phishing pages, even on compromised websites and legitimate infrastructure, by leveraging natural language processing, computer vision, and behavioral analysis. SlashNext AI Phishing Defense for PCs and MACs are deployed as lightweight browser extensions for all popular desktop browsers (Chrome, Firefox, Safari, and Edge) and can be managed through UEM or SSO solutions for simple user provisioning and management.

Protect yourself and your team today with a free, easy to deploy 14-day trial.

It’s Time to Get Started with SlashNext

Experience the difference with broad phishing threat coverage and automated delivery.