Amazon Warns Of Major Account Attacks Targeting Millions
So, there’s a pretty serious warning going out right now, and it comes straight from Amazon. The company has alerted its massive user base—about 300 million people—that a wave of account-related attacks is actively underway. And because we’re right in the middle of the holiday shopping rush, when everyone is clicking through deals and checking delivery updates, the timing couldn’t be more dangerous.
Amazon’s message makes it clear that cybercriminals are taking full advantage of the Black Friday and holiday chaos. Fake messages, spoofed order updates, and bogus “account issue” alerts are being pushed at users from every direction. These scams are designed to trick people into giving up personal information, payment details, or even full access to their Amazon accounts. And while these tactics aren’t new, they have become more polished, more believable, and much harder to detect.
Also Read:What raises even more concern is how these attacks are evolving. A new report highlighted that more than 18,000 holiday-themed websites were registered in recent months—sites using keywords like “Black Friday” or “Flash Sale.” At least 750 of those domains were confirmed malicious. Beyond that, nearly 19,000 new domains were created to mimic major retailers, with almost 3,000 of them proven to be malicious as well. Many of these look just close enough to real sites that they can fool even careful shoppers, especially when people are skimming quickly and chasing deals.
Experts have also pointed out how artificial intelligence is making these scams more dangerous. AI-generated emails, fake customer support chats, and convincing order confirmations are being used to lure people into entering their login details. In many cases, these counterfeit messages look cleaner and more professional than the real ones.
And it’s not just Amazon sounding the alarm. The FBI has stepped in with its own warning, confirming that brand impersonation scams have already resulted in more than $262 million in losses this year alone. Attackers pretend to be employees from trusted companies—banks, retailers, customer support teams—and then manipulate victims into handing over authentication codes, one-time passwords, or login credentials. Once that happens, criminals can take full control of those accounts by resetting passwords through legitimate websites.
Amazon has shared some simple but important safety steps. They urge users to only interact through official channels—the Amazon app, the official website, and verified customer service pages. They recommend turning on two-factor authentication and using passkeys when possible. And they remind customers that Amazon will never ask for payment information over the phone or request account verification through unsolicited emails or links.
It’s a good moment to slow down, double-check messages, and stay skeptical. Scammers rely on urgency and distraction, especially during the holidays. Taking a few extra seconds before clicking can make all the difference. Stay alert—and stay safe.
Read More:
0 Comments