As services recover from the recent AWS outage, scammers are taking advantage of the disruption.
While engineers worked to restore normal service, fraudsters began flooding inboxes, phone lines, and social media feeds with phishing attempts, fake tech support messages, and bogus “fixes.”
For already-frustrated customers, these schemes add insult to injury, turning a few hours of downtime into a longer-lasting disruption and putting them at risk.
The outage, which began at 00:11 PDT (08:11 BST), involved network connectivity issues at AWS’s US-EAST-1 data center in Northern Virginia and affected multiple AWS services until it was eventually resolved at 15:53 PDT (23:53 BST).
The downtime extended across Amazon’s own platforms as well as workplace tools, gaming platforms, food and transportation apps, social media, fitness and lifestyle apps, financial platforms, and several UK government websites that run on the tech giant’s cloud servers.
The extent of the outage not only highlighted our digital dependency and how much we rely on a single cloud provider for everyday digital life, it also laid bare the vulnerabilities that follow in the wake of such an outage, said Vonny Gamot, Head of EMEA at online protection company McAfee.
“AWS’ massive outage reminds us just how interconnected our digital world has become. When a single service like Amazon Web Services goes down, it’s not just businesses that feel the impact, it’s consumers trying to access everyday essentials like banking apps, emergency services, or even their favorite platforms like Fortnite and Snapchat.
“The complexity of our shared cloud infrastructure means a glitch in one system can send shockwaves across the internet.”
How Service Disruptions Put Customers—and Enterprises—at Risk
More than six million individuals were reportedly affected, according to security researchers at Cybernews.
Beyond the inconvenience of being unable to access services, such outages can open up customers to scam attacks. At a time when employees are stretched thin by efforts to get systems up and running, businesses also become more vulnerable to security breaches.
“Cybercriminals thrive in the confusion, exploiting the moment with fake support scams, phishing emails, and malicious links posing as fixes,” Gamot said.
Hackers can use AI tools to send emails to customers that appear to originate from an affected organization, often using a spoofed email address or phone number that mimics the organization’s legitimate details.
To help consumers navigate the aftermath safely, Gamot shared the following practical tips:
- Remain skeptical of unsolicited messages about service restoration or refunds, especially if they ask for personal information or urge fast action.
- Never send money or credentials through unofficial channels in response to a message about the outage.
- Outage days are prime time for misinformation, from fake screenshots to “DIY fix” instructions. Stick to official help centers and status pages.
For customer experience leaders, this raises a fresh challenge: managing trust as well as service reliability. When they cannot access a service, customers turn to brands for clarity, and silence or slow communication can leave a vacuum that scammers eagerly fill—not to mention competitors.
Exemplifying this, Mike Young, Project Manager at PTT Design noted in a LinkedIn post that his company buys its Autodesk software from a reseller that did not respond to a support ticket, while another reseller who contacted its email newsletter list of customers and non-customers with news of the AWS outage that had affected Autodesk software offered a workaround fix.
“Clearly a response to the outage that will make me get in touch with them next time I renew our software licenses,” Young wrote.
As Kolton Andrus, CEO and Founder of reliability management platform Gremlin put it:
“[The] AWS outage is a reminder to us all: Your customers don’t care whose “fault” it is, they pay you for reliable service. PSA: Avoid blaming your outage on AWS (or any vendor). You chose that dependency, so own the risks. Know how it fails, and always have a backup plan ready.”
“Outages happen, but proactive teams turn them into opportunities,” Andrus added.
Jacqueline Watts, Head of Corporate Commercial Law at Allin1 Advisory had a similar message:
“Whether your business runs on AWS, Azure, Google Cloud or a hybrid mix, the lesson is the same: Outages happen. What matters is whether your business can survive a digital blackout without losing customers, data or investor confidence.”
This is where disaster preparedness comes in, Watts added. Beyond ticking off a technical checklist, it requires having legal protections in contracts and service-level agreements, well-defined backup procedures, robust systems to maintain data continuity, and a clear communication plan for when things go wrong.
“If the AWS chaos made your heart skip a beat, take that as your cue to stress-test your stack, your supplier contracts, your customer agreements and your continuity plan now.”
All of this can feel like mere legal formalities, “until you realise your customers can’t access your platform and you’re suddenly explaining downtime and liability to different stakeholders.
In the fog of digital disruption, communication matters as much as technical recovery. The first few hours after an outage can define whether customers walk away reassured or fall prey to the next scam that lands in their inbox.
