Overview
- Darktrace reports Amazon remains the top impersonated brand, warns of a roughly 48‑hour high‑risk window through Cyber Monday, and cites a 620% jump in November attacks.
- Researchers flag rapid infrastructure growth, with Fortinet counting about 19,000 e‑commerce‑themed domains and roughly 2,900 malicious, and NordVPN noting a 250% spike in fake shopping sites.
- CISA advises shoppers to avoid unsolicited links, verify retailer URLs before paying, and treat unreal discounts as red flags, noting browser protections may not catch every fake.
- Amazon promotes passkeys to reduce credential‑theft risk, with the company confirming it sent customer education on spotting impersonation attempts.
- Officials and security experts warn of newer lures including QR‑code “brushing” packages and AI deepfakes, urging consumers to go directly to retailer sites and favor credit cards for stronger protections.