It’s not uncommon for scammers to target online shoppers, often by pretending to be companies like Amazon. However, these phishing attempts tend to increase during major sales events like Black Friday or Prime Day. These events represent a significant moment for retailers, but unfortunately, also an opportunity for scammers, con artists, and unethical businesses to… Continue reading Amazon Prime Day Scams and Fake Amazon Websites
Tag: Amazon
Top Amazon Scams to Avoid: Be Safe at Amazon
Because of its reliability, Amazon is a popular choice for both buyers and sellers. But fraudsters frequently turn to the eCommerce market to scam others. In addition, false threats expose new vulnerabilities daily. Consequently, taking measures to safeguard your business is crucial. This is because many scams target businesses every day. This is why we… Continue reading Top Amazon Scams to Avoid: Be Safe at Amazon
Amazon Email Phishing: How to Protect Yourself?
Amazon email phishing is yet another form of email fraud that parasites on the name of a legit company. As the company operates in different industries, hackers forge their messages to make it look realistic to a specific user. In this post, I will explain how to distinguish a fake email from a genuine one,… Continue reading Amazon Email Phishing: How to Protect Yourself?
A Former Amazon Employee Charged for Digital Fraud. Sentencing in September
Paige Thompson Faces up to 20 Years for Wire Fraud Paige Thompson, 36, a resident of Seattle, who worked as an engineer in Amazon Web Services, has been charged with seven felonies. She has been found guilty of five cases of unauthorized access to protected systems, damaging a protected computer, and wire fraud. For fraud… Continue reading A Former Amazon Employee Charged for Digital Fraud. Sentencing in September
Amazon Patch for Log4Shell allowed privilege escalation
Palo Alto Networks warns that a patch released by Amazon to protect AWS from high-profile issues in Apache Log4j, including the Log4Shell vulnerability, poses a threat to users. The patch can be used to escape the container and escalate privileges, allowing an attacker to take control of the underlying host. Let me remind you that… Continue reading Amazon Patch for Log4Shell allowed privilege escalation
Vulnerabilities in Amazon Kindle Allowed Taking Full Control of the Device
Check Point researchers reported that in April of this year, IT giant Amazon eliminated critical vulnerabilities in the Amazon Kindle. The problems could be used to gain full control over the device, allowed them to steal the Amazon device token and other confidential data stored on it. For a successful attack on a Kindle, just… Continue reading Vulnerabilities in Amazon Kindle Allowed Taking Full Control of the Device
Operators of phishing campaigns increased number of emails allegedly from delivery services
Check Point Research reports that in November, the number of phishing emails written on behalf of delivery services increased by 440% compared to October. The sharpest growth was noted in Europe, with North America and the Asia-Pacific region in second and third places respectively in the number of phishing campaigns. Most often (in 56% of… Continue reading Operators of phishing campaigns increased number of emails allegedly from delivery services
Vulnerabilities in Amazon Alexa opened access to user data for outsiders
In June this year, researchers from Check Point discovered a number of dangerous vulnerabilities that opened for attacks the Amazon Alexa virtual assistant and its users. The problem was in CORS and XSS bugs, which affected several Amazon subdomains, and in configuration issues. By exploiting these bugs, attackers could gain access to personal data (usernames,… Continue reading Vulnerabilities in Amazon Alexa opened access to user data for outsiders
Mandrake malware was hiding on Google Play for more than four years
Bitdefender experts found Mandrake spyware in the official Android app store, hiding on Google Play for four years (since 2016). The malware established full control over infected devices, collected credentials, GPS from infected devices, made screen recordings, and so on. At the same time, the malware carefully avoided infections in countries such as Ukraine, Belarus,… Continue reading Mandrake malware was hiding on Google Play for more than four years