Overview
- Amazon emailed customers this week outlining five common attacks, including fake delivery or account messages, phishing links, third‑party ads with unrealistic deals, unsolicited tech‑support calls, and requests through unofficial channels.
- The FBI’s Nov. 25 notice warns that brand impersonation can lead to full account takeovers and reports thousands of IC3 complaints with losses exceeding $262 million this year.
- Cybersecurity firms report a pre‑holiday surge in malicious infrastructure, with FortiGuard Labs tracking over 18,000 holiday‑themed domains and NordVPN noting a 232% rise in fake Amazon sites in October.
- Experts say AI is accelerating scams by cloning retailer sites, crafting persuasive phishing and ads, and generating deepfakes that mimic trusted brands and influencers.
- Safety guidance repeated across retailers, banks, and law enforcement urges shoppers to use official apps or websites, avoid links in messages, enable two‑factor authentication or passkeys, prefer credit cards, and report suspicious activity promptly.