With Amazon Prime Day starting at 3 a.m. Eastern Tuesday, Avanan researchers have warned security teams that hackers are taking advantage of Amazon’s popularity to send phishing and credential harvesting emails.
Although these attacks mostly target consumers, with many office workers still working from home at least part of the time, it makes sense for security teams to warn their workers of the increased threat.
In a blog post, Avanan researchers said these scams will proliferate significantly over the next couple of days. The researchers pointed to a sharp increase in attacks spoofing Amazon, in which hackers steal credentials in the hope that users will believe the email comes from the actual Amazon brand. Attackers dangle the promise of an Amazon gift card if the user takes a survey, while in actuality the link leads to a credential harvesting page.
Check Point Research, which has acquired Avanan, has recently found a 37% increase in daily Amazon-related phishing attacks compared to the daily average from June. For last year’s Prime Day, Check Point witnessed an 86% increase in phishing emails related to the sale — and a 16% increase in phishing URLs.
Amazon Prime Day has become a prime target for cybercriminals, as are sales being promoted this week by Walmart, Macy’s, Target, and other large retail giants, said Saryu Nayyar, founder and CEO at Gurucul.
“Emails and social media ads can be spoofed by attackers, inviting eager deal seekers to click on rogue links that offer deals too good to be true,” Nayyar said. “Employees who use their corporate devices to shop on Amazon Prime Day should be especially wary of clicking on links in ads and in emails from senders they do not know. In the work-from-home era, employees often use their devices off hours for personal use. This becomes a serious security threat if they are not following cybersecurity best practices and corporate policy.”
Ryan McCurdy, vice president of marketing at Bolster, Inc., added that 75% of companies worldwide have experienced some form of phishing attack as it's one of the easiest tactics that hackers use to steal data from employees, customers, and partners. McCurdy said phishing scams are so convincing because they often mimic the look of a brand or a credible person down to a very fine detail. To make matters worse, McCurdy said they prey on human action bias, with a call to action stating that attention must be taken right now.
“As employees adapt to unfamiliar work environments away from the office, their primary focus is not necessarily on security and robust methods of authentication,” McCurdy said. “Unfortunately, too many organizations still depend solely on passwords to gain access to devices, applications, and networks. Yet, passwords come with a range of inherent weaknesses — they can be easy to guess, they get reused and, of course, they can be phished. Credential stuffing attacks depend on the ill-advised practice of password reuse.”
Chris Olson, CEO at The Media Trust, added that the cyber actors behind phishing attacks are increasingly opportunistic, looking for any trend to exploit in service of their goals. Olson said during the pandemic, phishing attacks related to vaccines and fake health products climbed astronomically — meanwhile, corporate events like Prime Day are a perfect opportunity to ensnare victims with enticing offers.
“Consumers should stay aware that email is not the only way they can be phished,” Olson said. “Fake links can spread through malicious advertising and redirects across popular websites and mobile apps. They can also spread through SMS. With phishing attacks reaching an all-time high in Q1 of this year, organizations must enforce digital trust and safety measures across their domains, and consumers should exercise caution wherever they go.”