Amazon Issues Attack Warning: 300 Million Users Warned of Scams Ahead of Black Friday

Liputan6.com, Jakarta Amazon issued a critical security alert to its more than 300 million users in November 2025.

This alert specifically highlights a surge in fraud and cyberattacks targeting online shoppers during the Black Friday and holiday shopping seasons.

This alert coincided with the start of the 2025 Black Friday shopping event, with Amazon sending an email to its customers on November 24, 2025.

It was updated on November 25, 2025, with new reports confirming the seasonal threat.

With an estimated 310 million active users in 2025, Amazon is a prime target for fraudsters, hackers, and other cybercriminals.

These scams are becoming increasingly sophisticated, often utilizing AI-generated messages, fake order confirmations, and elaborate phishing attempts.

Amazon Issues Attack Warning For 300 Million CustomersThere’s no escaping the annual Black Friday sales, which seem to last longer every year. Equally, there’s no escaping that Amazon is the top dog in both the event itself and as a target for cybercriminals.… pic.twitter.com/EbFNZCg76l

— Forbes (@Forbes) November 24, 2025

The Black Friday and holiday shopping seasons are always prone to increased cybercrime activity.

Amazon issues an attack warning in response to this trend, reminding users to exercise extra caution.

Cybercriminals are actively targeting major brands, including Netflix and PayPal, using sophisticated impersonation methods.

The fraudsters’ modus operandi includes the use of fake browser notifications and the Matrix Push criminal platform.

They attempt to trick users into handing over personal or financial data. This crime is not only financially damaging but can also lead to identity theft.

These scams directly target customers through various communication channels.

Amazon itself has shut down tens of thousands of phishing pages and deactivated thousands of fraud-related phone numbers in the past year.

Amazon has specifically identified several attack tactics that its customers should be wary of.

One of the most common is a fake message claiming a shipping issue or an Amazon account problem.

These types of messages are designed to trigger a panic reaction in victims.

Furthermore, fraudulent third-party advertisements, especially on social media, often offer deals that seem too good to be true.

Unofficial contacts, such as unsolicited messages or calls from tech support, also attempt to solicit account or payment information.

Suspicious links sent via email or text to verify credentials also pose a serious threat.

Phishing scams via email, smishing via text messages, and vishing via phone calls impersonating Amazon or Prime renewal notices are particularly prevalent.

Fraudsters often impersonate Amazon representatives to trick users.

To help customers protect themselves from cyberthreats, Amazon recommends a series of proactive steps.

It’s important to always use the official Amazon mobile app or website for all account changes, customer service, shipment tracking, and refund processing.

Enabling Two-Factor Authentication (2FA) is crucial for preventing unauthorized account access.

Additionally, utilizing a passkey that uses biometric data or a PIN can be a more secure login method than a traditional password.

Purchase verification must be done directly on Amazon, without responding to messages or clicking on links from third parties.

Customers are also advised to never share their Amazon credentials with third-party tools, websites, or anyone else.

If they encounter suspicious activity, Amazon encourages consumers to immediately report suspected fraud.