Latest news with #PieterArntz
Time of India
6 days ago
- Business
- Time of India
Amazon's big warning to 220m Prime members as scam sweeps US: Your account is under attack if you see this message
Amazon Prime customers have been warned about phishers sending fake Amazon correspondence . Scammers, in these Prime membership scams, are impersonating Amazon to target users and steal personal information such as security numbers, bank information or Amazon account details. In an email sent earlier this month, Amazon said there has been an increase in reports about fake emails, and over two-thirds o scams claimed to be related to order or account issues. 'Scammers who attempt to impersonate Amazon put consumers at risk,' Dharmesh Mehta, Amazon's vice president of Selling Partner Services, said in the notice. Explore courses from Top Institutes in Please select course: Select a Course Category Management Public Policy CXO Product Management Cybersecurity Data Science Technology others healthcare Design Thinking Operations Management Digital Marketing Data Analytics MBA Finance PGDM MCA Degree Artificial Intelligence Leadership Others Data Science Healthcare Project Management Skills you'll gain: Duration: 11 Months IIM Kozhikode CERT-IIMK General Management Programme India Starts on undefined Get Details Skills you'll gain: Duration: 9 Months IIM Calcutta CERT-IIMC APSPM India Starts on undefined Get Details Skills you'll gain: Duration: 10 Months IIM Kozhikode CERT-IIMK GMPBE India Starts on undefined Get Details 'Although these scams take place outside our store, we will continue to invest in protecting consumers and educating the public on how to avoid scams.' Pieter Arntz, a malware intelligence researcher at Malwarebytes, has issued a timely July 16 reminder that 'scammers are impersonating Amazon in a Prime membership scam.' ALSO READ: Brigitte Macron 'born a man' explosive theory gains traction after lawsuit against far-right podcaster Candace Owens Live Events What are the red flags about Amazon scammers? Amazon admits that such attacks are not easy to identify. But it recommends that users be alert to certain red flags that can indicate this kind of attack methodology. -Attackers will often create a false sense of urgency and leverage this to entice a knee-jerk reaction, such as clicking a link or providing account information. -Attackers will oftentimes ask for personal information, as well as the aforementioned account credentials, that a genuine caller or member of Amazon support staff would not. These may include, but are not limited to, payment and banking information. -Attackers may, as I mentioned earlier, suggest that you have made a high-ticket item order so as to leverage the urgency and require you to follow a link to cancel it. Attackers may attempt to get you to make payments outside of legitimate Amazon channels, including third-party sites and wire transfers, or even by way of gift cards. ALSO READ: $1,390 Stimulus check in 2025: Do Americans need to pay tax on the amount and who needs to apply? These new 'Amazon refund scam texts' have surged 'more than 50 times in the past two weeks" and the scale of text attacks sweeping the US and Europe is 'out of control.' 'The link in the message leads to a fake Amazon site designed to steal your account details and hack it," reports Forbes. The attackers assume you will have made a recent purchase on Amazon and who doesn't want an unexpected refund? The link is a short-code to beat Amazon's other warning to watch for misspelled URLs. In case you receive the text, delete it immediately per the advice from the FBI and state and local police forces. If you have any doubts, log into your Amazon account using your app or usual methods and check there. Text message scams have exploded into a billion-message industry, fueled by organized criminal networks—many operating from China and outside the reach of US law enforcement. While telecom providers block many suspicious messages, fraudsters now rely on vast 'SIM farms' of regular phones to evade detection and slip through filters. ALSO READ: Inside Eve Jobs' lavish $6.7million wedding to Harry Charles: Kamala Harris, Elton John confirmed guests How is Amazon educating its customers? If a user enters their credentials on the fake page, the scammer captures them—and can then access not only the real Amazon site but any other account that uses the same username and password. In some cases, the counterfeit login screen even requests payment details and other sensitive data, which all go straight to the fraudster. To help customers stay safe, Amazon has rolled out a secure-email feature for people who use Gmail, Yahoo! and other popular providers. When an authentic Amazon message arrives, you'll see the familiar smile‑logo icon in your inbox. ALSO READ: Jessica Simpson drops new song 'Fade' and fans are convinced she is calling out her ex Eric Johnson Amazon also offers these key tips for avoiding scams: Always verify that you're on Amazon's official app or website before making a purchase. Remember: Amazon will never request payment information by phone or email. Beware of messages creating a false sense of urgency or demanding gift‐card payments. If you ever have doubts about a request or transaction, contact Amazon directly.
Forbes
17-07-2025
- Business
- Forbes
Amazon Warns 220 Million Customers Of Prime Account Attacks
Beware this Prime account attack, Amazon warns customers. I know better than most that Amazon Prime subscribers are under attack: I have been on the sharp end of multiple phone calls and email-based threats in the last four weeks alone. I have the advantage of being a cybersecurity insider, and so you would expect me to be aware of such threats and deal with them accordingly. Not everyone is so well informed, however, which is why Amazon has warned all 220 million Prime customers as attackers strike. Here's what you need to know and do. Amazon Warns Hundreds Of Millions Of Customers As Attackers Strike Pieter Arntz, a malware intelligence researcher at Malwarebytes, has issued a timely July 16 reminder that 'scammers are impersonating Amazon in a Prime membership scam.' I say timely, quite besides regular reminders of such attack threats being most welcome, because I have experienced not one, but two of these this week. Both were telephone calls, which I only answered as I was expecting to hear from the hospital and was in bed, ill at the time. The cause of Arntz's reminder, and the underlying Amazon warning to all 220 million Prime customers, however, was a spike in email attacks claiming that subscription rates are about to rise, along with a cancel subscription button that would lead to Prime account credential theft. The phone calls I took, by the way, were similar in outcome but differed in that they wanted me to believe someone had purchased an iPhone 13, of all things, using my account. The warning emails from Amazon, which I received on July 4 and wrote about at Forbes on the very same day, started with a stark alert that Amazon has become aware of 'an increase in customers reporting fake emails about Amazon Prime membership subscription.' These emails are particularly dangerous because, as Amazon said, they 'might include personal information in the emails, obtained from other sources, in an attempt to appear legitimate.' This came on top of earlier warnings from security researchers that more than 120,000 fake Amazon domains and web pages had been set up in the weeks and months before Prime Day, one assumes to be used to help in such attacks. How To Mitigate Prime Attacks, According To Amazon The attack warning email from Amazon included a number of mitigation recommendations, including: You can find further advice from Amazon online regarding how it protects customers from scams, along with the best ways to report an attack.
Forbes
01-07-2025
- Forbes
Android Warning For 3.3 Billion Users As SMS Attacks Surge
Android SMS attacks surge by 692%. That Android's 3.3 billion users face a myriad of cyber threats is not a surprise to anyone. There's malware that can steal your photo gallery, the UNC6040 attacks that prompted Google to issue a threat intelligence warning, and, of course, the multitude of AI-powered attack threats. But, at the center of all of this cyberattack activity sits one thing: SMS. Google has already issued advice on how to mitigate the dangers of recent SMS Blaster attacks, where the hacker doesn't even need to know your phone number. Now, a Malwarebytes threat analysis has uncovered an alarming 692% surge in SMS-based attacks against Android users. Here's what you need to know. Android Threat Landscape Enters New And Dangerous Phase According to threat intelligence analysts at Malwarebytes, the Android threat landscape is not just evolving, it is entering an entirely new phase of its evolution. Pieter Arntz, a malware intelligence researcher at Malwarebytes, this represents 'an era marked not just by volume, but by coordination and precision.' Android attackers aren't 'throwing malware at users and hoping for results,' Arntz warned, but they are 'building ecosystems.' The June 30 Malwarebytes Labs report analyzed Android threats across the first six months of 2025, and found that Android threats as a whole have risen by 151%. However, it's when you start digging into the specific threat types that some worrying trends emerge. Spyware has seen 147% increase, with February and March taking the biggest brunt as a 4 times multiplication of the baseline was observed. But it is the SMS attack landscape that worries me, and Arntz, the most. Between April and May there was an incredible 692% surge in SMS-based malware attacks. Although there are seasonal factors to consider, with it being the tax seasons and all, Arntz said the surge was 'a jump that we can't just chalk up to coincidence.' Instead, Arntz sees this as reflecting a shift in strategy from the attackers who are scaling their operations to exploit 'both human psychology and systemic weak points.' Android attackers are 'playing the long game now — developing monetization strategies for every type of data they can harvest; every user behavior they can exploit,' Shahak Shalev, senior director of research and development for online platforms at Malwarebytes, warned. Mitigating The Android SMS Attack Surge To protect yourself, and your Android devices, from the latest SMS attacks, you should employ the following mitigations: Always use the official Google Play store to download your Android apps. Take care when granting permissions to a new app. Permissions like 'Display over other apps' should particularly raise a red flag, Arntz warns, as they can be used to intercept login credentials. SMS Blaster attacks us 2G networks, so disable 2G from your Android settings. Run a Google Security Checkup on your Android smartphone to ensure your Google account, a prime target for attackers, is as secure as possible.
