- NordVPN researchers have seen more than 100,000 malicious websites with an Amazon theme
- In addition to phishing for identification information, crooks encourage people to make fraudulent purchases
- Consumers are notified of caution during the first day
Pirates have set up thousands of false websites, using them to steal connection identification information, encourage people to download malware or make fraudulent purchases before Amazon’s first order day of this year.
A new report by the NordVPN team threatening PRO protection threatened consumers to be more vigilant, saying that they have observed more than 120,000 malware, phishing and scam -supported software websites in the past two months, Amazon usurpation.
In this number, there were 92,000 phishing sites, 21,000 malware distribution sites and 11,000 false goods sites.
Perfect storms
“The main shopping events like Prime Day create perfect storms for cybercriminals.
“People should maintain good cyber-hygiene even when you are looking for the best offers.”
Although theft of connection identification information remains a key goal for many fraudsters, one thing is increasingly popular – encouraging people to make unauthorized payments. Apparently, this went from 28% in April to 38% today, and is “the highest reported objective”.
Events such as Amazon Prime Day, Black Friday or Cyber Monday remain key dates when cybercriminals increase their activity.
Amazon Prime Day is a major annual commercial event, during which the retail giant offers exclusive offers and discounts only for Prime members. It usually lasts two days, but this year, it will take four days.
Although it can be ideal for consumers, it is even better for crooks who will certainly seek to exploit the change, have warned the researchers.
During the big week of Spring of Amazon, which took place between March 31 and April 7, 2025, a malicious activity “exploded”, said NordVPN, comparing data in the previous week.
“Malventy software websites jumped 1,661%, phishing sites increased by 1,294%and scam websites have skyrocketed by 8,325%,” he said.
Identifying a false website can sometimes be difficult, but often there are gifts – in particular, keep an eye on obvious spelling errors in URL or big titles – “Amazom.com” for example. And remember, a good basic rule is always that if an agreement seems too good to be true, there is a decent chance.
If you worry, you may have been captured by a false site, don’t worry – there are a number of methods to discover. Haribeenpwned? is probably the best resource only to verify whether your contact details have been assigned, offering a dilapidated each large cyber-incident of recent years.
You must also make sure that your devices have the best antivirus tools offered to protect you, alongside the best firewall and the best termination of termination points.
