- 200 million Amazon Prime subscribers got a warning email about scams
- Most attacks centered around fake price hikes
- Social engineering is an attacker's best friend
With Amazon Prime Day now behind us, Malwarebytes has revealed new research showing old trends repeat themselves – every year, we see a surge in scams and attacks on unsuspecting victims, and 2025 was no different.
This year, around 200 million Prime customers received warnings from the company about ongoing attacks, with some handy pointers on what to look out for.
"Scammers are sending fake emails claiming your Amazon Prime subscription will automatically renew at an unexpected price," the company said.
Amazon Prime Day scams
By making genuine subscribers believe that costs are rising, attackers are able to instil a sense of urgency as many seek to prevent price hikes or cancel altogether. Customized and personal information in emails, such as a user's name, may also aid in mimicking authenticity.
In many cases, attackers include a link to a page for victims to cancel their subscription or change account settings, leading them to a lookalike site where they enter their credentials. Some cases also saw attackers direct victims to sites that deliver malicious payloads, including malware that could put far more than just their Amazon accounts at risk.
"The fake site might also request payment information and other personal details which, when entered, will go straight to the scammer who will be quick to use or sell them on," Malwarebytes continued.
Fake messages about Prime membership renewals, bogus refund offers and calls claiming Amazon accounts have been hacked were among the most popular scenarios Amazon workers were forced to deal with during this month's Prime Day sales.
Thankfully, the same advice still applies when it comes to protecting accounts, because social engineering remains the most effective attack vector.
Some common steps include checking the sender's email address against a verified list, enabling two-step verification on accounts, not repeating passwords on multiple accounts and not following links unless it is absolutely necessary.
Amazon also repeats its messages in the Message Center, so if a message is received by email only, this could be a sign of an attack.
You might also like
- These are the best password managers and best authenticator apps
- Downloaded something dodgy? Here's the best malware removal
- Hunting for early Prime Day deals? Beware, scammers have set up thousands of fake Amazon sites - here's what to look out for
