Amazon Customers Issued 48 Hour Warning—Attacks Have Started

November 29, 2025

Updated Nov. 29 with Amazon’s response to the raft of holiday season security warnings and additional advice for customers on how to stay safe from attacks.

Attacks targeting Amazon customers were “already surging” by Black Friday, with millions at risk. And “the threat has not yet peaked,” increasing for another 48 hours through Cyber Monday. It’s critical you look for messages and check your account.

That warning comes courtesy of Darktrace. “Amazon is the most mimicked brand, making up 80% of phishing attacks” against major companies, it says. Those attacks have already spiked 620% in November and will surge another 20 to 30% by Nov. 29.

According to Will Glazier from Cequence Security, “social engineering and phishing might just be two of the oldest professions in the cybersecurity space, and this report shows how criminals leverage vulnerabilities in our psyches, such as excitement over holiday gift tracking, every bit as much as they do in software.”

The scale of this threat to holiday shoppers in general and Amazon customers in particular has been echoed by the latest research from Guardio. “Black Friday is no longer just a shopping day,” it warns. “It has become a hunting ground for cybercriminals armed with artificial intelligence.”

Guardio points out that “Americans lost over $432 million to online shopping fraud in 2024, and experts predict 2025 will shatter that record as AI-powered attacks reach unprecedented sophistication.” Amazon is highlighted again, alongside other major brands, including Walmart, Costco, Apple, AT&T and Verizon.

The latest wave of phishing attacks uses AI as never before, “which means perfect grammar, professional designs, and convincing copy that makes traditional ‘red flags’ obsolete. The old advice to ‘look for spelling errors’ or ‘check for poor formatting.’ That’s ancient history. AI has eliminated those telltale signs.”

According to Guardio, “The most common trap is the urgent account alert. You receive a text claiming your Amazon account has been ‘suspended due to suspicious activity’ or your Verizon bill ‘couldn’t be processed’ and you need to ‘verify your information immediately’ by clicking a link.”

Amazon is working hard to combat the plague of impersonation scams that target its users, the objective being to steal usernames and passwords and gain access to accounts. The answer, Amazon says, is to add a passkey to your account.

Sectigo CTO Nick France pushes the same security message, telling me “as the holiday shopping season reaches its peak, consumers are eager to snag the best deals online, but this surge in activity also attracts cybercriminals looking to exploit vulnerabilities.”

France warns that “ultimately, security is a shared responsibility. Consumers can benefit by staying vigilant and shopping wisely, while businesses must maintain their security posture to promote trust and confidence. Together, these efforts help create a safer online shopping experience during the holiday season and beyond.”

Amazon is doing that. Its security advice is now front and center. “To securely sign in to your Amazon account you can enable a passkey to simply use your face, fingerprint, or the PIN that you use to unlock your device. Passkeys are a convenient and secure way to sign in to your Amazon account without using a password.”

And hundreds of millions of Amazon customers have already upgraded their security. Along with Google, Amazon is leading the way in passkey adoption. Add one to your account now, after which you don’t have to worry about credential-stealing attacks.

“This year we’re guaranteed to see ever more sophisticated scams, primarily fueled by AI,” Keeper Security’s Anne Cutler told me. “Black Friday doesn’t need to be a hacker’s payday. A few proactive steps, coupled with an identity-first mindset, can make the difference between a money-saving bargain and a costly breach.”

Amazon is issuing its own warnings to customers to beware these scams over the holiday period. “The company confirmed to USA TODAY on Friday, Nov. 28 that Amazon has been sending customers messages about avoiding such scams.”

These emails started hitting U.S. inboxes in early November, “and customers in the United Kingdom this week.” The messaging in the emails reinforced the company’s focus on impersonation, and discerning real from fake Amazon reach-outs.

But while multiple cyber security firms have issued warnings for Amazon users as attacks escalate, Amazon plays down the threat. “When asked about the notices,” USA TODAY reports, “Amazon clarified the messages are not warnings or alerts as other outlets have reported, but ‘educational efforts’ to protect customers.”

There are some semantics at play here. Impersonation in itself is meaningless. It’s not a different form of attack. It’s just a lure. It doesn’t matter whether it’s a toll collection company, a parcel delivery company, the federal government or Amazon, the objective is the same. And the underlying platforms that power the scams are the same.

The text or email will include a link to a fake website or a fake sign-in page. The lure will match the link and likely the domain as well. Thousands upon thousands of domains are registered monthly, designed to trick your eyes into thinking it’s a legitimate URL.

If you fall for an Amazon refund or discount or account lure, the goal is to have you sign in on an attacker’s fake page and give away your credentials. These can then be used by the attacker to access your account. If the link directs to a fake website, the goal is to steal your personal and financial information, as you shop for non-existent goods, compelled by offers that look too good to be true — and are exactly that.

Amazon is the most impersonated brand in retail phishing attacks simply because it’s the biggest online retail brand. Attackers calculate that most of the email addresses or cell phone numbers they target will have an Amazon account, increasing their hit rate.

“The psychology behind holiday scams is simple,” Guardio says. “Distraction plus urgency equals vulnerability. Cyber criminals exploit this decision fatigue. They’re not just sending random attacks; they’re timing their scams to coincide with the exact moments when you’re most likely to click without thinking.”

 
