Beware these account attacks, Amazon warns 300 million users.

NurPhoto via Getty Images

There’s no escaping the annual Black Friday sales, which seem to last longer every year. Equally, there’s no escaping that Amazon is the top dog in both the event itself and as a target for cybercriminals. With an estimated 310 million active users in 2025, Amazon has always been a prime quarry for scammers, hackers and other highly-targeted cybercrime activity. Now the online retail giant has issued a stark warning to every customer as account attackers strike. Here’s what you need to know and do.

ForbesNetflix And PayPal Users Warned As Matrix Hackers AttackBy Davey Winder

Amazon Sends Users Attack Warning – What You Need To Know

Hot on the heels of a new report that confirmed cybercriminals are targeting big brands, including Netflix and PayPal, using an impersonation process involving browser notifications and the Matrix Push criminal platform, Amazon has now sent a warning email to its 300 million users to stay alert for impersonation scammers. These cybercriminals are targeting Amazon users by reaching out to try and get “access to sensitive information like personal or financial information, or Amazon account details,” Amazon said in a November 24 email.

Of course, such attacks are not uncommon, nor are they new, but they do evolve, and warnings such as this from Amazon serve as a timely reminder to be particularly alert at this time of year.

The Amazon email warns of the following attacks:

• Fake delivery or account issue messages.
• Third-party adverts, including those on social media, offering amazing deals.
• Messages sent through unofficial channels requesting account or payment information.
• Ditto, but via unfamiliar links.
• Unsolicited tech support phone calls.

ForbesHackers Bypass Signal, Telegram And WhatsApp Encryption To Read MessagesBy Davey Winder

The Amazon Advice For Keeping Safe From These Attacks

Amazon has offered its customers the following advice to stay safe from these ongoing attacks, not only at this time of year but year-round.

• Only use the Amazon mobile app or website for customer service, account changes, delivery tracking, and refunds.
• Set up two-factor authentication when available for your online accounts to help prevent unauthorised account access.
• Use a passkey. It’s a safer way to sign in than using passwords, and it works with the same face, fingerprint, or PIN you already use to unlock your device.

Remember, Amazon will never ask you to make payments or to provide payment information over the phone, nor will it ever send emails asking customers to verify their account credentials. Stay safe out there! You can read more advice from Amazon about phishing attacks here.

ForbesX Users Warned Not To Review These Tweets — It’s A Hacker TrapBy Davey Winder