Thirtyseven4 EDR Security: Amazon Dangers
When you think of the Amazon rainforest what words immediately come to mind? Perhaps words such as “tropical”, “lush”, “wet”, and how about “dangerous”? After all, the Amazon is home to the jaguar, (with its fierce ability to stalk and ambush prey), the green anaconda (arguably the largest snake in the world), deadly poison dart frogs, blood-thirsty piranhas, and many more fascinating but can-be-malicious species of plants and animal. But be advised (warned) today that the Amazon rainforest might not be the only dangerous Amazon site with deadly things lurking.
Amazon.com is currently ranked number #1 as the most popular website in the ecommerce & shopping category, as of July 2023. It is estimated that non-Amazon Prime members spend an average of $38 per month, while subscription members spend an average of $110 per month on this (Amazon) website.
Cybercriminals are not unintelligent about this data, and have taken note of the (web) address where so many people (and their information and money) hang out.
Amazon’s popularity and substantial financial transactions provide cyber criminals with the motivation for continuous creation of new scams, utilizing sophisticated technologies to trick users by impersonating popular retailers (such as Amazon).
Impersonation comes in many forms, but a popular (because of its effectiveness) method utilized by hackers continues to be through email. The Thirtyseven4 EDR Security ThreatLab has recently observed a significant spike in fraudulent Amazon emails, most of which are crafted to create a sense of urgency to spark immediate reaction. Examples include:
Subject: [Important] Your account will be disabled.
Body: Open The attached files to see the further details of your case. [random case number]
Subject: [Amazon.com] Attention Needed: Suspicious login activity detected recently,
Body: Please review your login security attachment.
Subject: [Urgent] Please confirm your shipping confirmation
Body: Purchase receipt attached.
In each case, clicking on the embedded button or opening the attached PDF will prompt the user to enter their Amazon login credentials into a bogus phishing site. The cybercriminal can then sell your valuable data, purchase additional items on your behalf or use (your) credentials to potentially hack into other ecommerce sites that may rely on the same passwords. 80% of cyberattacks now leverage stolen or compromised credentials.
According to Amazon, here are some important tips to identify scams and keep your account and information safe:
- Trust Amazon-owned channels.
Always go through the Amazon mobile app or website when seeking customer service, tech support, or when looking to make changes to your account. - Be wary of false urgency.
Scammers may try to create a sense of urgency to persuade you to do what they’re asking. Be wary any time that someone/some company tries to convince you that you must act now or immediately. - Never pay over the phone.
Amazon will never ask you to provide payment information, including gift cards (or “verification cards,” as some scammers call them) for products or services over the phone. - Verify links first.
Legitimate Amazon websites contain “amazon.com” or “amazon.com/support.” Go directly to our website when seeking help with Amazon devices/services, orders or to make changes to your account.
With 80% of cyberattacks now leveraging stolen or compromised credentials, and Amazon.com being the #1 most popular website in the ecommerce & shopping…it’s safe to say that the Amazon rainforest is not the only Amazon “location” that has dangerous things lurking.
Most of us are not booking an expedition to the rainforest anytime soon, but many of us are booking various other things/sales/purchase online at amazon.com.
Be careful! Be wary! And be smart.
Regardless of what Amazon you’re planning on visiting next, exercise caution and be always very aware of your surroundings.
Trust us to protect you.
About Thirtyseven4 EDR Security:
Thirtyseven4 EDR Security exceeds cyber security insurance requirements and includes:
• Advanced EDR Capabilities
• A.I. based Ransomware Protection
• Next-Generation Malware Engine
• Automated Curative Response
• Advanced Next-Generation Anti-virus protection
• Automated/Monitored/Dynamic Endpoint Detection & Response (EDR) functionality
• A.I. based Ransomware Protection
• Next-Generation Malware Engine
• Automated Curative Response
• Removal of Current Antivirus Product
• Integrated Patch Management
• Anti-Keylogger modules
• Asset Management
• Firewall
• PC-Tuning
• Content Filtering
• Malware Detection & Removal
• Vulnerability Scanning
• Email Security
• Advanced Device Control
If you’re interested in receiving a non-obligation quote for Thirtyseven4 EDR Security, please complete the form located at:
https://www.thirtyseven4.com/get-a-quote/
We are grateful to be serving over 2,400 schools, businesses and non-rofits across the Nation and Thirtyseven4 EDR Security cares for our customers! We want the higher level of Security and Service for you and Thirtyseven4 EDR Security is it.
Thirtyseven4, LLC is dedicated to serving customers with a full palette of security solutions including AntiVirus, AntiMalware, Anti-Ransomware and Zero-Day Threat Protection.