Nearly 7,000 fake Amazon domains registered ahead of Prime Day 2026, researchers warn

TL;DRCheck Point found 6,843 fake Amazon domains ahead of Prime Day, with phishing emails and fake storefronts targeting shoppers across 22 countries.

Cybersecurity researchers have identified nearly 7,000 fraudulent Amazon-themed domains registered in the six months leading up to Prime Day 2026, which begins on 23 June. Check Point Research tracked 6,843 new domains created between December 2025 and May 2026, with registrations peaking at 1,446 in April and remaining elevated at 1,267 in May.

Of the total, 9.2 percent were classified as malicious or suspicious. The rate accelerated sharply in early June: during the first week of the month, one in every 13 newly registered Amazon-themed domains was flagged, according to Check Point’s analysis.

Prime Day 2026 runs from 23 to 26 June across 22 countries, with four additional markets joining later in the summer, according to Amazon’s official event page. The extended four-day window and global reach make it a high-value target for phishing operations, which follow the same seasonal playbook that researchers documented around the FIFA World Cup, where over 13,000 fraudulent domains appeared in the months before kickoff.

The 💜 of EU techThe latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!The phishing infrastructure includes fake Amazon storefronts designed to harvest credit card numbers, spoofed login pages that steal account credentials, and email campaigns with subject lines such as “Refund Due, Amazon System Error” that direct recipients to counterfeit sites. Check Point flagged one campaign using a sender address mimicking Amazon’s customer service domain closely enough to bypass casual inspection.