As Amazon Prime Day approaches (July 8-11, 2025), millions of shoppers are gearing up for what promises to be one of the biggest online shopping events of the year. But while youβre hunting for deals, cybercriminals may be hunting for you. A recent devastating case from Montana serves as a stark reminder that not all βAmazonβ calls are what they seem.
In April 2025, an elderly Missoula woman received what seemed like a routine customer service call. The caller claimed to be from Amazonβs fraud department and asked if she had recently purchased computer equipment. When she said no, the callerβs tone shifted to concern; they claimed her identity had been stolen, and immediate action was needed.
What followed was a masterfully orchestrated scam that would ultimately cost the woman nearly $1 million. The fake Amazon representative transferred her to what appeared to be the βSocial Security Department,β where another scammer told her that her personal information had been linked to a money laundering investigation. To βprotectβ her funds, she was then connected to someone claiming to be a U.S. Marshal.
The supposed federal agent convinced her that the money in her bank accounts needed to be βlegalizedβ to keep it safe from the criminals who had stolen her identity. Over multiple visits to her home, the woman handed over cash and gold to people she believed were federal agents protecting her life savings. Instead, she was systematically robbed.
The scam only unraveled when law enforcement, working with the victim, set up a sting operation. When 29-year-old Zabi Ullah Mohammed arrived for what he thought would be another pickup, police were waiting. They found nearly $70,000 in cash in his vehicle, along with airline tickets and rental car documents β evidence of a sophisticated, multi-state operation.
This Montana case isnβt an isolated incident, itβs part of a growing trend that peaks during major shopping events like Prime Day. What makes this year particularly concerning is the economic backdrop driving consumer behavior.
With recently implemented tariffs now in effect, including 25% on certain goods from Canada and Mexico and additional levies on Chinese products, American households are feeling unprecedented financial pressure. Recent polling shows 73% of Americans expect significant price increases in the coming months, while economists project tariffs could cost the average household nearly $1,200 annually.
This economic anxiety is creating a perfect storm for scammers, as our research shows that 46% of shoppers plan to shop more during Prime Day specifically hoping to save money in light of tariff-related price hikes. Older consumers are particularly motivated by these concerns, with 68% of shoppers aged 65+ citing tariff worries as a key driver for increased online shopping β making them prime targets for sophisticated scams promising exclusive deals and savings.
βAs inflation and tariffs push more people to hunt for deals, scammers are using generative AI to craft scams that are more polished, personal, and persuasive,β said Abhishek Karnik, Head of Threat Research at McAfee. βFrom retailer impersonations to hyper-realistic delivery scams, these threats are getting harder to spot. The good news is that the tools to fight back are getting smarter too. The best way to stay safe is to pause before you click, trust your instincts, and use AI-powered protection like McAfeeβs Scam Detector to stay one step ahead.β
Β
Figure 1. An example of an Amazon text phishing scam
Β
Older adults are particularly at risk, with 68% of shoppers aged 65+ saying tariff-related concerns motivate them to shop more online, potentially making them targets for scams promising βdeals.β Heavy shoppers face the highest risk, with 23% reporting being scammed during major sale events β more than double the rate of light shoppers. More than one-third (35%) of scam victims donβt tell anyone about being defrauded. The main reasons for staying silent include embarrassment (27%), not wanting to appear gullible (24%), and shame (9%).
Younger shoppers are far more likely to take risks on unfamiliar brands β especially on social media. Nearly a quarter of 18β34-year-olds say theyβre willing to buy from unknown retailers if the deal looks good, with 22% of 18β24s and 21% of 25β34-year-olds ready to click βbuy nowβ on offers from unknown brands. In stark contrast, older adults (65+) show extreme caution, with only 1% willing to engage with unfamiliar advertisements.
That openness comes with a serious trade-off. Platforms like TikTok Shop and Instagram Shopping are fast becoming hotspots for scam exposure. Nearly 1 in 3 young shoppers say theyβve encountered deepfake videos of influencers promoting deals or products that turned out to be scams during past sale events, and of those, a staggering 71% say either they or someone they know lost money. With 29% of shoppers browsing TikTok Shop and 10% using Instagram Shopping, these social platforms have become both a go-to destination for deals and a growing cybersecurity risk. The seamless integration of shopping and social content makes it easier than ever for scammers to blend fraudulent offers with legitimate content, creating a perfect storm of vulnerability.
The good news? These scams are preventable if you know what to watch for and take the right precautions. Hereβs your defense playbook:
While 89% of people plan to take specific safety steps during Prime Day, the sophistication of modern scams means we all need to stay vigilant. The Montana womanβs story shows how even intelligent, cautious people can fall victim to well-orchestrated psychological manipulation.
This Prime Day, remember that the best deal is the one that doesnβt cost you your life savings. Legitimate retailers will never pressure you to act immediately or ask you to pay with untraceable methods. When in doubt, hang up, take a breath, and verify independently. Your skepticism might just save your bank account, and your peace of mind.
Key Takeaway: Amazon, and most other retailers, will not ask you to provide sensitive information over the phone or request payment via gift cards, wire transfers, or cash. When shopping this Prime Day, if something seems suspicious, it probably is. Trust your instincts and verify independently.
The post How to Shop Safely During Amazon Prime Day appeared first on McAfee Blog.
A mysterious piece of "under development" code is playing havoc with the Windows Firewall after the latest preview update for Windows 11 24H2.β¦
Young Consulting's cybersecurity woes continue after the number of affected individuals from last year's suspected ransomware raid passed the 1 million mark.β¦
Meta has come out swinging following the European Commission's decision that its pay-or-consent model falls foul of the Digital Markets Act (DMA).β¦
Ransomware gang Hunters International has shut up shop and offered decryption keys to all victims as a parting favor.β¦
Let's Encrypt, a certificate authority (CA) known for its free TLS/SSL certificates, has begun issuing digital certificates for IP addresses.β¦
AI-powered chatbots often deliver incorrect information when asked to name the address for major companiesβ websites, and threat intelligence business Netcraft thinks that creates an opportunity for criminals.β¦
I always used to joke that when people used Have I Been Pwned (HIBP), we effectively said "Oh no - you've been pwned! Uh, good luck!" and left it at that. That was fine when it was a pet project used by people who live in a similar world to me, but it didn't do a lot for the everyday folks just learning about the scary world of data breaches. Partnering with 1Password in 2018 helped, but the impact of data breaches goes well beyond the exposure of passwords, so a couple of months ago, I wrote about finding new partners to help victims "after the breach", Today, I'm very happy to welcome the first such partner, Truyu.
I alluded to Truyu being an excellent example of a potential partner in the aforementioned blog post, so their inclusion in this program should come as no surprise, but let me embellish further. In fact, let's start with something very topical as of the moment of posting:
New email from @Qantas just now: βwe believe your personal information was accessed during the cyber incidentβ. They definitely deserve credit for early communication. pic.twitter.com/dTLlvI0Byq
β Troy Hunt (@troyhunt) July 2, 2025
It's pure coincidence that Qantas' incident coincides with the onboarding of an Aussie identity protection service, but it also makes it all the more relevant. My own personal circumstances are a perfect example: apparently, my name, email address, phone number, date of birth, and frequent flyer number are now in the hands of a hacking group not exactly known for protecting people's privacy. In the earlier blog post about onboarding new partners, I showed how Truyu had sent me early alerts when my identity data was used to sign up for a couple of different financial services. If that happens as a result of the Qantas breach, at least I'm going to know about it early.
The introduction of Truyu as the first of several upcoming partners heralds the first time we've tailored content based on the geolocation of the user. What that means is that depending on where you are in the world, you may see something different to this:
I'm seeing Truyu on the Dropbox breach page because I'm in Australia, and if you're not, you won't. You'll have your own footer with your own country, which is based on Cloudflare's IP geolocation headers. In time, depending on where you are in the world, you'll see more content tailored specifically for you where it's relevant to your location. That's not just product placements either, we'll be adding other resources I'll share more about shortly.
Putting another brand name on HIBP is not something I take lightly, as is evidenced by the fact this is only the second time I've done this in nearly 12 years. Truyu is there because it's a product I genuinely believe provides value to data breach victims and in this case, one I also use myself. And for what it's worth, I've also spent time with the Truyu team in person on multiple occasions and have only positive things to say about them. That, in my book, goes a long way.
So, that's our new partner, and they've arrived at just the perfect time. Now I'm off to jump on a Qantas flight, wish me luck!
If you're running the Engineering-Special (ES) builds of Cisco Unified Communications Manager or its Session Management Edition, you need to apply Cisco's urgent patch after someone at Switchzilla made a big mistake.β¦
The US security watchdog CISA has warned that malicious actors are actively exploiting two flaws in the Signal clone TeleMessage TM SGNL, and has directed federal agencies to patch the flaws or discontinue use of the app by July 22.β¦
Overview
If you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.
We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.
Please reserve top level comments for those posting open positions.
Rules & Guidelines
Include the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.
You can see an example of acceptable posts by perusing past hiring threads.
Feedback
Feedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
The medical research nonprofit vying to buy 23andMe is informing existing customers that it plans to complete the deal on July 8.β¦
The US Treasury has sanctioned Aeza Group, a Russian bulletproof hosting (BPH) provider, and four of its cronies for enabling ransomware and other cybercriminal activity.β¦
Security experts have uncovered a hole in Cl0p's data exfiltration tool that could potentially leave the cybercrime group vulnerable to attack.β¦
Cyberattacks and undersea cable sabotage are blurring the line between war and peace and exposing holes in UK law, a government minister has warned lawmakers.β¦
I'm in Austria! Well, I was in Austria, I'm now somewhere over the Aussie desert as I try and end this trip on top of my "to-do" list. The Have I Been Pwned Alpine Grand Tour was a great success with loads of time spent with govs, public meetups and users of this little data breach project that kinda escalated. As I say in the vid, I'm posting a lot more pics publicly to my Facebook page, so if you want to see the highlights, head over there. That's it for this week, it's home for a day then I'll come to you from Tokyo for the next one.
Australian airline Qantas on Wednesday revealed it fell victim to a cyberattack that saw information describing six million customers stolen.β¦
Microsoft Intune administrators may face a few days of stress after Redmond acknowledged a problem with security baseline customizations.β¦