Amazon Issues Attack Alert — 300 Million Customers Are At Risk Now

 


Updated November 26 with a startling new warning from the Federal Bureau of Investigation regarding account takeover attacks using brand impersonation methods; details of a new report confirming the seasonal dangers, alongside the original Amazon alert that all 300 million users need to be aware of, as hackers and scammers continue their attacks.

There’s no escaping the annual Black Friday sales, which seem to last longer every year. Equally, there’s no escaping that Amazon is the top dog in both the event itself and as a target for cybercriminals. With an estimated 310 million active users in 2025, Amazon has always been a prime quarry for scammers, hackers and other highly-targeted cybercrime activity. Now the online retail giant has issued a stark warning that every customer must take seriously as attackers strike. Here’s what you need to know and do.


Amazon Sends Users Attack Warning – What You Need To Know

Hot on the heels of a new report that confirmed cybercriminals are targeting big brands, including Netflix and PayPal, using an impersonation process involving browser notifications and the Matrix Push criminal platform, Amazon has now sent me a warning email, but all 300 million users should take note and stay alert for impersonation scammers. These cybercriminals are targeting Amazon users by reaching out to try and get “access to sensitive information like personal or financial information, or Amazon account details,” Amazon said in a November 24 email.

Of course, such attacks are not uncommon, nor are they new, but they do evolve, and warnings such as this from Amazon serve as a timely reminder to be particularly alert at this time of year.

The Amazon email warns of the following attacks:

  • Fake delivery or account issue messages.
  • Third-party adverts, including those on social media, offering amazing deals.
  • Messages sent through unofficial channels requesting account or payment information.
  • Ditto, but via unfamiliar links.
  • Unsolicited tech support phone calls.


Amazon’s Seasonal Attack Warning Is Timely And Necessary

A new FortiGuard Labs report, published November 25, has confirmed that Amazon is quite correct in sending out the hack attack warning emails. Citing the domain registration as a clear indicator of pre-holiday attack intent, FortiGuard Labs said that it had “identified more than 18,000 holiday-themed domains registered in the past three months, including terms such as Christmas, Black Friday, and Flash Sale,” and that “at least 750 of these were confirmed malicious.”




FBI Reveals The Extent Of Brand Impersonation Account Takeover Attacks

The Federal Bureau of Investigation has joined those warning of the dangers of brand impersonation, alongside the likes of Amazon’s latest email alerts, as they impact account takeover attacks. The November 25 public service alert, I-112525-PSA, has warned of the dangers of account takeovers using brand impersonation tactics through social engineering attacks involving all methods of communication, including phone calls, texts, instant messages and emails.

Since January 2025 alone, the FBI’s Internet Crime Complaint Center has, the alert confirmed, received thousands of complaints regarding such account takeover fraud. The total amount of the losses reported, and I trust you are sitting down, came to more than $262 million, according to the FBI.

While the FBI alert relates to the use of financial institution brand impersonation, the methods and ramifications are the same for all major brands, including retail.

“A cyber criminal manipulates the account owner into giving away their login credentials, including multi-factor authentication code or One-Time Passcode,” the FBI warned, by impersonating employees such as customer support and technical support staff. These credentials are then used to log in to the legitimate website account and “initiate a password reset, ultimately gaining full control of the accounts.”

No matter the method of communication used by the attackers, the FBI warned that the tactics used are often the same. “In some instances, the cyber criminal states there are fraudulent transactions,” the alert said, “and may provide a link to a phishing website that the account owner believes will report the fraud or prevent additional fraudulent transactions.” These sites are convincing clones of the genuine brand, convincing enough for the victim to log in using their credentials, and the party is then over.
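For defenders on the service side, the sequence the FBI describes (a login with stolen credentials and one-time passcode, followed by a password reset) can be looked for in authentication logs. The sketch below is an added example, not taken from the FBI alert or from Amazon; the event names, the device identifier field and the 15-minute window are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample events (not real logs): time, account, event, device id.
SAMPLE_EVENTS = [
    ("2025-11-25T09:00:00", "alice", "login_mfa_ok", "dev-a1"),
    ("2025-11-25T09:05:00", "alice", "password_reset", "dev-a1"),
    ("2025-11-26T14:00:00", "bob", "login_mfa_ok", "dev-b1"),
    ("2025-11-27T18:30:00", "bob", "login_mfa_ok", "dev-x9"),
    ("2025-11-27T18:33:00", "bob", "password_reset", "dev-x9"),
    ("2025-11-27T19:00:00", "carol", "login_mfa_ok", "dev-c1"),
    ("2025-11-28T08:00:00", "carol", "login_mfa_ok", "dev-c2"),
    ("2025-11-28T11:00:00", "carol", "password_reset", "dev-c2"),
]


def find_takeover_candidates(events, window=timedelta(minutes=15)):
    """Flag password resets made shortly after an MFA login from a device
    the account has never used before (hypothetical event schema)."""
    known = {}      # account -> devices already seen for that account
    new_login = {}  # (account, device) -> time of first login from a new device
    alerts = []
    for ts, account, event, device in sorted(events):  # ISO times sort as text
        when = datetime.fromisoformat(ts)
        devices = known.setdefault(account, set())
        if event == "login_mfa_ok":
            # The first device ever seen is the baseline, not an anomaly.
            if devices and device not in devices:
                new_login[(account, device)] = when
            devices.add(device)
        elif event == "password_reset":
            started = new_login.get((account, device))
            if started is not None and when - started <= window:
                alerts.append((account, device, ts))
    return alerts


if __name__ == "__main__":
    for account, device, ts in find_takeover_candidates(SAMPLE_EVENTS):
        print(f"review: {account} reset password from new device {device} at {ts}")
```

A valid passcode does not clear the login here, because in the scenario above the passcode was handed over by the victim; the signal is the unfamiliar device combined with the immediate reset.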
