- 200 million subscribers from Amazon Prime received a warning email about scams
- Most attacks focused on fake prices increases
- Social engineering is the best friend of an attacker
With Amazon Prime Day now behind us, Malwarebytes has revealed a new investigation that shows the old trends are repeated: every year, we see an increase in scams and attacks against unsuspecting victims, and 2025 was not different.
This year, around 200 million main clients received the company’s warnings about ongoing attacks, with some useful tips on what to take into account.
“The scammers are sending false emails that claim that their Amazon Prime subscription will automatically be renewed at an unexpected price,” said the company.
Amazon Prime Day Stabas
By making genuine subscribers believe that costs are increasing, attackers can infuse an emergency feeling, since many seek to prevent price increases or completely cancel. Personalized and personal information in emails, such as a user’s name, can also help imitate authenticity.
In many cases, attackers include a link to a page for victims to cancel their subscription or account change configuration, which leads them to a place similar to a place as they enter their credentials. Some cases also saw the attackers direct the victims to the sites that deliver malicious useful charges, including malware that could put at risk much more than their Amazon accounts.
“The false site can also request payment information and other personal details that, when they are entered, will go directly to the scammer that will be used quickly or sell them,” Malwarebytes continued.
False messages about prime membership renovations, false reimbursement offers and calls that claim that Amazon accounts have been pirated were among the most popular scenarios with which Amazon workers were forced to deal during the first days of the first days of this month.
Fortunately, the same advice still applies when it comes to protecting accounts, because social engineering remains the most effective attack vector.
Some common steps include verifying the email address of the sender in a verified list, enabling the two -step verification in the accounts, not repeating passwords in multiple accounts and not the following links unless it is absolutely necessary.
Amazon also repeats your messages in the message center, so if you receive only an email message, this could be an attack signal.
