Amazon warns of widespread Amazon Black Friday scams

Amazon is holding its ' Amazon Black Friday 2025 ' sale from midnight on November 24th, 2025 to 11:59 PM on December 1st, 2025. Amazon has warned that there has been an increase in phishing attacks aimed at stealing users' personal information during Black Friday.

Holiday shoppers targeted as Amazon and FBI warn of surge in account takeover attacks | Malwarebytes
https://www.malwarebytes.com/blog/news/2025/11/holiday-shoppers-targeted-as-amazon-and-fbi-warn-of-surge-in-account-takeover-attacks

Amazon Black Friday deals active, but beware of cyber scams
https://www.app.com/story/news/crime/2025/11/28/amazon-black-friday-amazon-scam-fraud-money/87506885007/

Forbes reported that Amazon sent out an email on November 24th warning customers about a cyber scam, stating that cybercriminals are targeting Amazon users in an attempt to access sensitive information, including personal and financial information and Amazon account details.

According to Amazon, attackers targeting Amazon users attempted to steal personal information through the following attacks:

Sending messages about fake deliveries or account issues
Third-party advertising offering great deals, including advertising on social media
Sending fake messages requesting account or payment information through unofficial channels
Sending unfamiliar links
- Calls pretending to be technical support

In response, Amazon lists the following ways to protect yourself from fraud:

- For customer service, account changes, shipment tracking, and refunds, please use only the Amazon mobile app or website.
- To prevent unauthorized account access, please enable two-factor authentication for your online accounts, if available.
Use Passkey. A more secure way to sign in than using a password, log in with the same face, fingerprint, or PIN you use to unlock your device.

About Two-Step Verification - Amazon Customer Service
https://www.amazon.co.jp/gp/help/customer/display.html?nodeId=G3PWZPU52FKN7PW4

Additionally, FortiGuard Labs threat research predicts that 2025 will see a significant increase in the volume of newly constructed malicious infrastructure, account compromise activity, and exploits targeting e-commerce systems. Of the more than 18,000 holiday-themed domains registered in the past three months, at least 750 containing terms like 'Christmas,' 'Black Friday,' and 'flash sale' have been confirmed to be malicious. Domains imitating major retail brands have also seen a sharp increase, with FortiGuard Labs reporting that attackers have registered more than 19,000 e-commerce-related domains, 2,900 of which are malicious. Many of these domains mimic the names of well-known companies.

Cyberthreats Targeting the 2025 Holiday Season: What CISOs Need to Know | FortiGuard Labs
https://www.fortinet.com/blog/threat-research/cyberthreats-targeting-2025-holiday-season-what-cisos-need-to-know

Additionally, Darktrace research has revealed that phishing attacks targeting Black Friday shoppers have increased by 620% since early November, with 80% of these attacks impersonating Amazon.

Phishing attempts targeting Black Friday shoppers surge 620% in the weeks leading into the holiday weekend
https://www.darktrace.com/news/phishing-attempts-targeting-black-friday-shoppers-surge-620-in-the-weeks-leading-into-the-holiday-weekend

At the same time that Amazon warned customers about phishing attacks, the Federal Bureau of Investigation (FBI) also issued a public service announcement about a surge in account takeover fraud. Account takeover fraud occurs when attackers take over a user's account and use it for their own gain. Attackers use a variety of methods, including planting malware on computers or smartphones and launching credential stuffing attacks .

Internet Crime Complaint Center (IC3) | Account Takeover Fraud via Impersonation of Financial Institution Support
https://www.ic3.gov/PSA/2025/PSA251125