It is that time of the year again!
The Amazon Prime Day is near, and as consumers get ready to use with their credit cards, so Cyber Attackers are getting ready to launch their Phishing scams too.
According to a recent Cybersecurity report Check Point researchers have been removing an unusually high number of recently registered malicious domains containing the word "Amazon" or "prime" and designed to imitate Amazon ahead of the annual online shopping event.
What is a Phishing Attack
Phishing is a Cyber Crime aimed at persuading individuals into providing sensitive data for illegal purposes, such as identity theft and financial loss. The hacker masquerades as a trusted entity by simply registering domains and designing websites or emails to make them look like they are legitately from the "real brand". This way, they lure their victims into opening an email, instant message, or text message. Recipients are then tricked into revealing their personal information, clicking on a malicious link, which can result in the installation of malware, ransomware attacks, or the extraction of sensitive information.
Phishing is one of the most popular Cyber Attacks and it is becoming even more popular. The reason is that this attack does not require particular technical knowledge, it is enough to target people who are not aware of or do not use Cybersecurity Best Practices: humans are the weak link in Cybersecurity after all.
How to prevent Phishing Attacks
There are steps we can all take to stay safe when we go online.
Avoid websites where you identify misspelling top-level domain, such as "Amazon.co" or "Amazonn.com";
Purhcase only on website with the secure sockets layer (SSL) encryption installed;
Avoid using public Wi-Fi. Hackers can access what you are looking at on the web: emails, payment details, browsing history, or passwords.
Make sure you protect your data when you browse online and during this Amazon Prime Day.
If you want to know more about Phishing and how to protect yourself, stay tuned for our upcoming Phishing Cybersecurity Risk Awareness Webinar Series.
You can learn about past edition on Awareness of Password Weaknesses and SQL Injection.