Nearly 7,000 fraudulent Amazon Prime Day domains registered ahead of the big sale – here

• Check Point Research warns that Prime Day (June 23-26, 2026) is fueling a rise in malicious Amazon-themed domains
• 6,843 domains registered from December to May; almost 10% are flagged as malicious/suspicious, with June showing 1 in 13 risk domains
• Shoppers are advised to avoid Google searches on Amazon, check URLs and treat “too good to be true” deals with caution.

Thousands of new domains have been registered in the weeks and months leading up to Amazon Prime Day, most of which are malicious and created to steal consumer data and possibly money. That’s according to a new report from Check Point Research (CPR), in which the security organization warns that Prime Day is the perfect storm for any cybercriminal.

Amazon Prime Day will take place June 23-26, 2026. Over the course of four days, thousands of retailers across 25 countries will offer great deals on their goods and services, creating one of the biggest retail events on the planet. Therefore, they will also create one of the largest cyber attack events on the planet:

“Major moments in retail bring together the three ingredients that attackers exploit most: a global brand of trust, time-limited urgency, and mass purchase intent at scale,” CPR warns, adding that phishing emails, fake websites, fraudulent offers, and account takeover attempts increase during this period.

How to defend against Prime Day scams

For events like this, scammers prepare months in advance. CPR found that between December 2025 and May 2026, 6,843 new Amazon-themed domains were registered worldwide, most of which were created in April (1,446). As of May 2026, an additional 1,267 domains have been added.

Obviously not all of them will be malicious, but the CPR said that almost one in ten (9.2%) were already classified as malicious or suspicious, and in the first week of June, one in thirteen were labeled the same.

“This trend reflects a broader buildup of malicious infrastructure ahead of the event, with multiple Amazon-themed domains designed to exploit brand trust, urgency, and high purchase intent at scale,” the researchers warned.

To stay safe this Amazon Prime Day, always check the website you’re visiting, always go to the legitimate Amazon domain (https://www.amazon.com/) rather than relying on Google search results, and remember: if something looks too good to be true, it probably is.

Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). During his career, which spans more than a decade, he has written for numerous media outlets, including Al Jazeera Balkans. He has also hosted several modules on content writing for Represent Communications.