Wednesday, October 15, 2025
66.5 F
New York

Thousands of bogus Amazon sites are stealing users payments info


  • Over 120,000 fake Amazon websites appeared before Prime Day sales
  • Unauthorized payment scams rose to 38%, showing hackers’ shifting focus
  • Shoppers’ excitement around Prime Day is the perfect tool for scammers

Cybersecurity researchers have revealed cybercriminals once again took advantage of a massive shopping event to spread scams.

NordVPN found more than 120,000 malicious websites were created in the months leading up to the July 2025 sale, and this trend continued ahead of October’s sale, as attackers sought to exploit the rush.

Amazon Prime Day deals have long been a magnet for online shoppers, but the data suggests they have also become a magnet for scammers.

A changing objective among cybercriminals

NordVPN reports hackers are increasingly setting up fake websites designed to look like legitimate Amazon pages.

These pages often trick users into sharing payment information or downloading harmful files.

Amazon’s own data shows that the tactics of cybercriminals are shifting. Instead of trying to gain access to customer accounts, many are now targeting direct financial theft.

The number of cases involving unauthorized payments rose from 28% in April to 38%, marking the highest reported goal among attackers.

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

NordVPN’s analysis also found that during Amazon’s 2025 Big Spring Sale earlier this year, the number of malware websites surged by 1,661%.

Similarly, phishing and scam sites increased by 1,294% and 8,325% respectively.

Many of these sites mimic the design and URL structure of official Amazon pages, tricking users into entering sensitive data or downloading harmful software.

The company detected 92,000 phishing websites masquerading as Amazon domains and nearly 21,000 that attempted to distribute malicious files.

Malware removal tools can help in such situations, but the most effective defense remains prevention.

“Major shopping events like Prime Day create perfect storms for cybercriminals. Scammers know that shoppers’ excitement and urgency around limited-time deals make them more susceptible to clicking on malicious links or sharing personal information,” says Marijus Briedis, chief technology officer (CTO) at NordVPN.

Experts advise shoppers to always use Amazon’s official website rather than following links from promotional emails or third-party posts.

Customers should also look for the secure “https://” prefix and the padlock symbol in the browser bar before entering any personal details.

Suspicious messages filled with grammatical errors or warnings about account closures should be treated with skepticism.

Amazon does not request sensitive information such as passwords or Social Security numbers through email.

Using a reliable password manager can also reduce exposure by generating unique, complex passwords for each site, minimizing the risk if one account is compromised.

Even though October 2025’s Amazon Prime Day is over, online shoppers are urged to stay cautious and remember that deals promising unrealistic discounts are often bait for scams.

“The fundamentals of cybersecurity can sometimes be forgotten during major online shopping events,” says Briedis.

“Shoppers should never click links in unsolicited emails, even if they appear to come from Amazon.”


Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

You might also like

Hot this week

US Defence Secretary Pete Hegseth’s plane ‘safe’ after unscheduled UK landing

Cracked windscreen forces US defence secretary's plane to make...

Syria’s Sharaa meets Putin in Moscow for first time since Assad’s fall

James LandaleDiplomatic correspondent Syria's interim President, Ahmed al-Sharaa, has held...

Ukraine imposes blackouts in most regions after Russian power grid attacks

Laura Gozzi and Paul KirbyEurope digital editor Global Images Ukraine via...

Baroness Mone-linked PPE firm misses deadline to pay 122m

Pritti MistryBusiness reporter A company linked to Baroness Michelle Mone...

UN humanitarian chief urges Israel to open more crossings into Gaza

Rushdi AbualoufGaza correspondent and Seher Asaf The UN humanitarian chief has...

Topics

US Defence Secretary Pete Hegseth’s plane ‘safe’ after unscheduled UK landing

Cracked windscreen forces US defence secretary's plane to make...

Syria’s Sharaa meets Putin in Moscow for first time since Assad’s fall

James LandaleDiplomatic correspondent Syria's interim President, Ahmed al-Sharaa, has held...

Ukraine imposes blackouts in most regions after Russian power grid attacks

Laura Gozzi and Paul KirbyEurope digital editor Global Images Ukraine via...

Baroness Mone-linked PPE firm misses deadline to pay 122m

Pritti MistryBusiness reporter A company linked to Baroness Michelle Mone...

UN humanitarian chief urges Israel to open more crossings into Gaza

Rushdi AbualoufGaza correspondent and Seher Asaf The UN humanitarian chief has...

Bessent blasts China as ‘unreliable’ as trade tensions mount

Danielle KayeBusiness reporter Watch: "This is China versus the world",...

Raila Odinga: Kenya’s former prime minister dies in India at 80

'Father of our democracy': Kenya's Raila Odinga dies in...

Energy standing charge plans could backfire, MPs told

Kevin PeacheyCost of living correspondent and Joshua NevettPolitical reporter Getty Images Energy...

Related Articles

Popular Categories