Amazon sends urgent alert — 300 million customers are at risk of cyber threat ahead of Black Friday
The annual Black Friday shopping frenzy is upon us, and with it comes the increased risk of cybercrime attempts. While millions of people hunt online for deals, hackers are waiting to exploit unsuspecting customers.
Amazon, a major online retailer with an estimated 310 million active users in 2025, has consistently been a prime target of scammers, hackers, and other highly targeted cybercriminal activity. As a precaution, the online retail giant has issued a warning that every customer should take seriously as attackers may be on the move.
The urgency follows a recent report confirming that hackers and cybercriminals are targeting major brands, including Netflix and PayPal, through an impersonation scheme that uses browser notifications and the Matrix Push crime platform. Forbes reported.
Amazon sent urgent warning to users
Amazon has sent out warnings to its customers, urging them to be wary of impersonation scams. These cybercriminals are targeting Amazon users by trying to access “sensitive information such as personal or financial information or Amazon account details,” Amazon said in an email received by users on November 24.
While these attacks are not rare or new, they continue to evolve, and alerts like this one from Amazon are a timely reminder to stay vigilant during the busy time of year when most people are surfing the web for new deals. Forbes reported.
Common attack methods to watch out for
— Fake messages: Receiving messages claiming there are delivery issues or an issue with your Amazon account.
— Deceptive advertising: Third-party ads, including on social media, that promote deals that seem too good to be true.
— Informal requests: Messages sent through unofficial channels or unsolicited technical support phone calls requesting account or payment information.
— Suspicious links: Being redirected to unfamiliar links via email or text.
Amazon’s timely warning needed
A new FortiGuard Labs report published on November 25 confirmed that Amazon’s timely warning of cyberattacks was quite accurate, citing a clear indication of attack intent ahead of the holidays:
— More than 18,000 holiday-themed domains, including terms like Christmas, Black Friday and Flash Sale, were registered in the last three months, and at least 750 of them were confirmed to be malicious, the report states.
— More than 19,000 domains impersonating major retail brands like Amazon have been registered, and 2,900 of them have been confirmed to be malicious. They often use small variations that are easy to miss when shoppers are moving quickly, the researchers said.
— Experts like Keeper Security’s Anne Cutler note that new scams are increasingly being fueled by AI, whether it’s convincingly fake order confirmations, fake retailer sites, or even AI-generated customer service messages designed to steal login credentials.
What does Amazon recommend to stay safe during such attacks?
To protect against these incessant attacks, Amazon recommends that all customers follow basic security practices throughout the year.
— Always use the official Amazon mobile app or website for customer service inquiries, account changes, delivery tracking, and refunds.
— Enable two-factor authentication, where appropriate, for your online accounts to prevent unauthorized account access even if your password is stolen.
— Switch to a passcode for a more secure sign-in method that uses the biometric data you use to unlock your device (face, fingerprint, or PIN).
— Note that Amazon will never ask you to pay over the phone or provide payment information, or send emails to customers asking them to verify their account credentials.
