Other ways to search: Events Calendar | UTHSC

Cybersecurity Scam of the Week – Amazon Prime Day – Don’t Fall Victim to Phishing


Check Point Research (CPR) observed a 37% increase in Amazon-themed phishing attacks during the first week of July, ahead of Amazon Prime day this week. The emails come in a variety of templates, including one that informs recipients that they’ve recently made an expensive purchase. The user is directed to download an attachment that contains malware. Another email tells users that their payment method needs to be confirmed, and contains a link to a phishing site.

Per Checkpoint, “Last year during the month of Amazon Prime Day (June 2021) we witnessed an 86% increase in phishing emails relating to the occasion, and a 16% increase in phishing URLs compared to the previous month”. Checkpoint also discovered that there were almost 2K new domains related to ‘amazon’.  This year, Checkpoint found approximately 1,900 new domains containing the term ‘amazon’, and 9.5% of these were found to be risky, either malicious or suspicious. Researchers believe that this low percentage could partly be explained by cybercriminals not always having the full term “amazon” included in the domain being registered for phishing purposes to avoid detection. Furthermore, these cybercriminals might leverage these domains for a later use, and do not want them to contain content that could be deemed malicious.

The Office of Cybersecurity has Phishing and Phishing Emails webpages to educate our campus about these social engineering scams. Please check them out. 

What has been reported to Abuse this past week?

  • [Ext] Update Paswd Notification 7/7/2022 – a phishing email requiring “immediate” action from “IT-System-HQ”, not a UTHSC email address. 
  • [Ext] Invoice NEW 2 746 from Billing Online – a phishing email with an attached “invoice” that needs payment the same day it was delivered, i.e. immediate action. 
  • [Ext] I want To Post On Your Website Guest – believe it or not, this wasn’t forwarded from a UTHSC individual but was a phishing email that came directly to Abuse from the outside. 

Keep reporting suspicious emails to abuse@uthsc.edu for examination. If you wish to report an incident to the Office of Cybersecurity, use TechConnect.