The wait is finally over and the best Amazon Prime Day deals have just gone live. But there's a caveat for users who are looking to make the most of the shopping extravaganza will last 48 hours this year.

Security researchers Oliver Devane and Rafael Pena of McAfee Labs discovered that a phishing website 16Shop has been targeting Amazon users for alleged financial theft, News18 reported.

According to the researchers, 16Shop has been targeting users since May 2019. Earlier it targeted Apple users by creating a fake login page and urged users to re-enter credit card details, the report said.

Also Read: Amazon Prime Day 2019 Sale: All the best deals we are expecting to see this year

Previously operated by an Indonesian hacker who goes under the alias of 'DevilScreaM', the 16Shop phishing tool is claimed to have been marketed to vendors through a closed Facebook group as well, which in turn may have resulted in more attackers using it to target large-scale websites such as Amazon, News18 reported.

While the hacking tool was used in the United States and Indonesia, it is not quite clear if it has been used to hack any Indian websites, the report added.

Launched for the third consecutive year, the 48-hour sale on Amazon is exclusive to its Prime customers, wherein Prime members will be able to avail huge discounts on products across categories. The sale would also see significant traffic on the website.

Users are advised to only use the official website of Amazon and no other, which offers an Amazon login interface.

According to a blog post by McAfee, the following URLs should be avoided at all cost and added to the blacklist of the firewall that you are using:

verification-amazonaccess.secure.dragnet404.com/

verification-amazon.servicesinit-id.com/

verification-amazonlocked.securesystem.waktuakumaleswaecdvhb.com/

verification-amazonaccess.jaremaubalenxzbhcvhsd.business/

verification-amazon.3utilities.com/

verification-amaz0n.com/

(Do not click on any of these addresses, or access voluntarily.)