Protect Yourself Against Amazon Prime Day Phishing Scams

The great Amazon Prime Day is upon us. Naturally, Amazon wants you to part with as much of your money as possible, but it isn’t the only one. According to a report from Wired, a big phishing scam called 16Shop is looking to sucker unwary spenders into giving up key details — their names, birthdays and credit card information — to access so-called Prime Day deals.

As McAfee notes in a blog post today, this phishing kit actually started as a means for suckering Apple account holders. Those targeted received an email that looked like this:

Attached would be a PDF file that contained a link, and that link would direct the recipient to a fairly authentic-looking sign-in page for their Apple account.

Obviously, that’s not a real Apple sign-in page. And the same holds true for the new variant of 16Shop that tries to sucker recipients into visiting a fake Amazon sign-in page:

How to not get suckered by phishing emails

You’re probably smart enough to know that when an email looks suspicious — or worse, asks you to open up an attachment — you should steer clear. Do not open that attachment. Do not click on links in the email. Do not submit information that you normally don’t have to pass along when signing into a service from Amazon, Apple, or whomever.

However, if you (or your less-technology-savvy loved ones) need a little extra help, here’s a quick checklist for making sure you don’t get caught by a scammy phishing email:

  • When in doubt, ignore it: If a service really needs to get ahold of you for whatever reason, they’ll send another email. You can always call them up, too, and perhaps their customer service line can help confirm whether the company is actually trying to reach you for something.

  • Phone a friend: If an email feels the slightest bit suspect, but you aren’t sure, ask one of your tech-enthused friends to take a peek. They might be able to quickly show you why that Amazon email isn’t actually from Amazon.

  • Dig deeper into who sent you the email: Your email application of choice might simply say a message is from “Amazon,” but it more than likely also lists out the exact email address sending you the message. If not, find out what that is — on Gmail, for example, this is as easy as clicking the little arrow next to the “to me” line below the sender’s name. Then, look at the “From:” line to see who sent the message. If it’s not from the “” domain, it might not actually be from… Amazon.

  • Don’t open attachments if you weren’t expecting one: Most people probably have a good idea if, or when, someone is going to send them a file. If you get one in your inbox from an unknown or strange sender out of the blue — why would Amazon send you a PDF, and not just type whatever in an email? — be suspicious. If you ignore this advice and open up said attachment, and that attachment looks weird, don’t do anything else with it.

  • Hover your mouse over hyperlinks: This is a simple, but effective trick. Don’t click blindly on hyperlinks. Hover your mouse over them to see where they’re actually pointing: If an hyperlink actually points to some random-arse website that doesn’t look like plain ol’ at all, that’s not Amazon’s website.

  • Look at your browser’s address bar, not the website on the screen: When you click a link and are asked to input important information, take a split-second to peek at your browser’s address bar. A website might look authentic but, as before, if the actual address only has a company’s name as part of the subdomain — like — that’s not actually Amazon’s website.

  • Use a password manager: If you do fall for a phishing scam, make sure that the jerks behind it only get your login credentials for a single site, not the similar user name and password you use for every site. A password manager isn’t just helpful for logging into things. It’s great for encouraging you to use different, complicated passwords for every site and service.

  • Consider the information you’ve already coughed up: If you’ve always logged into Amazon using a user name and password and the site already has your credit card information stored, why would it be asking for you to input your full credit card number again? Why would it need your social security number? Why has it forgotten your birthday? Your suspicions should be on overdrive by this point.


Leave a Reply