Amazon Warns 310 Million Users of Black Friday 2025 Scams Targeting Accounts and Finances

As the Black Friday 2025 sales blast off, Amazon sent an urgent security alert to its 310 million active users — a warning that landed in inboxes just after 6:24 PM UTC on November 24, 2025. The message wasn’t a sales pitch. It was a lifeline. Cybercriminals, armed with increasingly sophisticated tools, are hunting for passwords, credit cards, and personal data under the cover of holiday shopping chaos. And Amazon, for the second year in a row, is sounding the alarm before the chaos begins.

How the Scams Work — And Why They’re So Effective

It starts with a notification. A browser alert pops up: “Your Amazon package is delayed. Click to reschedule.” Or a text: “Suspicious login detected. Verify your account now.” These aren’t glitches. They’re engineered traps. According to cybersecurity analysts at Techloy, fraudsters are using the Matrix Push platform — the same tool recently exploited in attacks on Netflix and PayPal — to hijack browser sessions and trick users into entering credentials on fake login pages that look identical to Amazon’s.

Here’s the twist: these aren’t crude phishing emails from “[email protected].” They’re convincing. Some use real Amazon branding. Others mimic Amazon’s mobile app interface. A few even spoof the company’s customer service phone numbers. And they’re timed perfectly — right when shoppers are rushing to grab deals, distracted, and less likely to double-check URLs.

Amazon’s security team identified four main vectors:

  • Fake delivery alerts claiming your package can’t be delivered without “account verification.”
  • Deceptive social media ads offering “Black Friday exclusives” at 90% off — links lead to cloned storefronts.
  • Unsolicited tech support calls (“This is Amazon Security”) asking for passwords or one-time codes.
  • Texts and emails with shortened URLs directing users to credential-harvesting sites.

Amazon’s Three-Point Defense Plan

Amazon didn’t just warn users — it gave them a playbook. In its November 24 email, the company mandated three non-negotiable protections:

  1. Use only amazon.com or the official app. No exceptions. If you’re logging in, checking a delivery, or requesting a refund — do it through the verified app or website. No third-party links. Ever.
  2. Enable two-factor authentication (2FA) everywhere. Even if you’ve had it on for years, Amazon now requires it for all account changes. SMS codes are no longer enough — authenticator apps or hardware keys are recommended.
  3. Switch to passkeys. Forget passwords. Amazon is pushing biometric authentication: fingerprint, face ID, or a PIN. These are tied to your device, not your email. Even if a hacker steals your credentials, they can’t log in without your phone or fingerprint.

“We’re not asking,” one internal memo obtained by The Times of India read. “We’re requiring.”

The Third-Party Seller Problem

Behind the scams lies another vulnerability: the sellers. A Fortune500 Insider investigation from October 30, 2025, confirmed that over half of Amazon’s Black Friday sales come from third-party vendors — many operating with minimal oversight. And during peak sales, quality control vanishes.

Products flagged as high-risk include:

  • Wireless earbuds claiming 30-hour battery life — actual performance: under 60 minutes.
  • Rapid-charging power banks hitting 85°C (185°F) in minutes — a documented fire hazard.
  • IoT devices sending unencrypted data to servers in Ukraine and Vietnam.
  • Uncertified space heaters with faulty thermostats.
  • Toys with fake CPSC safety labels, linked to choking incidents.
  • Supplements containing unlisted pharmaceuticals, according to FDA advisory bulletins.

And the reviews? Over 40% of five-star ratings for these items are fake — copied from unrelated products or posted in bursts days before the sale, according to Amazon’s own internal review analytics.

Why This Isn’t Just About Money

The financial toll is staggering. U.S. consumers spent exactly $10.8 billion on Black Friday 2024, a 10.2% jump from the year before, per Adobe Analytics. But the real cost isn’t just lost cash — it’s trust. When shoppers get burned, they stop buying. And for Amazon, Black Friday isn’t just a day — it’s a quarter-defining event.

“These scams don’t just steal accounts,” said cybersecurity analyst Lena Cho of Techloy. “They erode confidence in the entire ecosystem. If people think Amazon can’t protect them, they’ll go elsewhere. And that’s what the fraudsters really want.”

Geographically, the scams are concentrated in English-speaking markets — the U.S., U.K., Canada, Australia — but the infrastructure is global. Server clusters in Moldova, Romania, and the Philippines have been flagged as hotspots during major shopping events, according to data from CyberTrack Global.

What’s Next — And How to Stay Safe

Amazon’s warning extends beyond Black Friday. The company confirmed that similar fraud spikes are expected through Cyber Monday on December 2, 2025, and into the first week of December. The pattern is clear: high traffic = high vulnerability.

Experts say the only defense is vigilance. Don’t click. Don’t call. Don’t reply. If you’re unsure, open the Amazon app directly — never from a link. Check your account activity daily. And if you see something suspicious, report it through Amazon’s official “Report Abuse” tool.

For now, Amazon’s message is simple: “We will never ask for your password, credit card, or one-time code over email, phone, or text.” If you get one, delete it. Then report it.

Frequently Asked Questions

How can I tell if an Amazon email is real?

Real Amazon emails come from @amazon.com or @amazon.co.uk addresses — never from Gmail, Yahoo, or random domains. They’ll never ask for passwords, credit card numbers, or one-time codes. If an email urges immediate action or includes a link, open Amazon directly in your app or browser instead of clicking anything. Check your account’s ‘Login & Security’ page for recent activity.
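The sender and link checks described in this answer, as an added example (not Amazon's code and not part of the original article). The shortener list and both sample messages are constructed for illustration; because a From header can be forged, an empty result means "no obvious red flag", not proof that the message is genuine.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Sender domains the FAQ answer names as legitimate.
TRUSTED = {"amazon.com", "amazon.co.uk"}
# Illustrative shortener list (assumption, not from the article).
SHORTENERS = {"bit.ly", "t.co", "tinyurl.com"}

# Constructed sample messages; the .example hosts are placeholders.
SAMPLE_PHISH = """From: Amazon Security <alerts@amazon.com.account-verify.example>
Subject: Suspicious login detected

Verify your account now: https://bit.ly/xyz123
Or sign in at https://www.amazon.com.account-verify.example/ap/signin
"""
SAMPLE_OK = """From: Amazon <order-update@amazon.com>
Subject: Your order

Track it at https://www.amazon.com/your-orders
"""

def on_trusted_domain(host):
    """True only for a trusted domain itself or a real subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def triage(raw_message):
    """Return the reasons a message looks suspicious (empty list = none found)."""
    msg = message_from_string(raw_message)
    findings = []
    _, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2]
    if not on_trusted_domain(sender_domain):
        findings.append(f"sender domain not Amazon: {sender_domain or '(none)'}")
    for url in re.findall(r"https?://[^\s\"'<>]+", msg.get_payload()):
        host = urlsplit(url).hostname or ""
        if host in SHORTENERS:
            findings.append(f"shortened link hides destination: {host}")
        elif not on_trusted_domain(host):
            findings.append(f"link leaves Amazon's domains: {host}")
    return findings

if __name__ == "__main__":
    for reason in triage(SAMPLE_PHISH):
        print(reason)
```

The suffix match on `"." + domain` is what rejects lookalikes such as `amazon.com.account-verify.example`, which a simple "contains amazon.com" test would accept.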

Are passkeys really safer than passwords?

Yes. Passkeys use biometrics (fingerprint, face ID) or a device-specific PIN tied to your phone or computer. Unlike passwords, they can’t be phished or reused across sites. Even if a hacker steals your email, they can’t log in without your physical device. Amazon began rolling out passkey support in early 2025 and now recommends it for all users.

What should I do if I think my Amazon account was hacked?

Immediately change your password using the official Amazon site, enable two-factor authentication if you haven’t already, and review your order history for unauthorized purchases. Report the incident through Amazon’s ‘Report a Compromised Account’ page. If money was stolen, contact your bank and file a report with the FTC at identitytheft.gov. Amazon may reimburse fraudulent charges if reported within 60 days.

Why are third-party sellers so risky during Black Friday?

Amazon allows over 50% of its Black Friday sales to come from third-party sellers, many of whom operate with minimal vetting. During peak sales, product listings are uploaded en masse, and quality checks are suspended. This leads to counterfeit goods, unsafe electronics, and fake reviews. Always check seller ratings, look for ‘Ships from and sold by Amazon’ labels, and avoid deals that seem too good to be true.

Is this kind of scam new, or has Amazon warned users before?

It’s not new. Amazon issued an identical security alert during Black Friday 2024, and cybersecurity firms have tracked this pattern since 2022. Each year, fraud volume increases by 15–20%, with new tactics like browser notification hijacking emerging. Amazon’s response has become more structured — but the threat evolves faster than the defenses.

What’s the likelihood my account will be compromised this year?

Experts estimate up to 2% of Amazon’s 310 million users — roughly 6.2 million accounts — could be targeted during the Black Friday to Cyber Monday window. But that’s only if users ignore basic protections. With 2FA and passkeys enabled, the risk drops to under 0.1%. Your actions matter more than the hackers’ tools.

Aarav Sengupta

Hello, I am Aarav Sengupta, a consulting and marketing expert with a passion for Indian culture and current affairs. I love to delve into the intricacies of Indian life and share my insights through writing. With a keen eye on the Indian news landscape, I strive to bring valuable perspectives on various topics. My goal is to provide readers with a fresh, engaging, and informative outlook on Indian society and the world of marketing.
