Amazon Prime Scam Cost Victims £1m

Hundreds of people in the UK  have fallen victim to an Amazon Prime scam which has seen them collectively lose over £1m in just three months. Between 1 October 2019 and 16 January 2020, the National Fraud Intelligence Bureau (NFIB) identified 571 reports of Amazon Prime-related Computer Software Service Fraud. The scam has seen fraudsters steal over £1M from victims.

Victims receive an automated call telling them they’ve been charged for an Amazon Prime subscription, or that they’re eligible for a refund for an unauthorised transaction, on their Amazon account. As customers try to cancel the transaction, they’re put through to the scammer who is posing as an Amazon customer service representative. The victim is told that as the subscription was purchased fraudulently, remote access is needed to the computer to fix a security flaw.

The scam, which we first reported on in October, involves victims receiving an automated call, informing them that they have been charged for an Amazon Prime subscription. They are subsequently instructed to ‘press 1’ to cancel the transaction. When they do this, they are directed to a fraudster posing as an Amazon customer service representative.

The fraudster advises the victim that their subscription was purchased fraudulently and that remote access to their computer is required in order to fix a security flaw that will prevent it from recurring. The victim is asked to download a remote access application, often the ‘Team Viewer’ app, which grants the fraudster access to their computer.

The Team Viewer software is then mis-used by the criminal to monitor the victim logging onto their online bank account, which allows the fraudster to see the victim’s personal and financial details. Other variants of the crime involve fraudsters stating that the recipient is eligible for a refund for an unauthorised transaction on their Amazon account.

Take steps to protect yourself

Personal Information. Always question uninvited approaches in case it’s a scam. Instead, contact the company directly using a known email or phone number.
Stay in Control. Have the confidence to refuse unusual requests for personal or financial information. It’s easy to feel embarrassed when faced with unexpected or complex conversations. But it’s fine to stop the discussion if you do not feel in control of it.

Remote Access. Never install any software or visit a website as a result of a cold call. Unsolicited requests for remote access to your computer should always raise a red flag.

Hang up. If you feel harassed or intimidated, end the call. You have the right not to feel pressurised.

Ring the organisation. If you’re unsure whether the caller is genuine, you can always ring the company they claim to be from. Make sure you find the number yourself and don't use one provided by the caller.

Don't be rushed. Scammers will try to rush you into providing personal details. They may say they have a time-limited offer or claim your bank account is at risk if you don't give them the information they need right away.

Action Fraud:       Your Money:    Andover Advertiser:  

You Might Also Read:

Cyber Crime Costs Britain $27 Billion:


 

 

« Smart Cities Will Soon Be Under Attack
Looking For A Career In Cybersecurity? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Security Mentor

Security Mentor

Security Mentor provides innovative, online security awareness training designed for how people learn and work.

CDNetworks

CDNetworks

CDNetworks is a global content delivery network with a fully integrated cloud security solution, offering unparalleled speed, security and reliability for the almost instant delivery of web content.

Airbus Cybersecurity

Airbus Cybersecurity

Airbus CyberSecurity is a European specialist in cyber security. Our mission is to protect governments, military and critical national infrastructure enterprises from cyber threats.

Inceptus

Inceptus

Inceptus is a next generation Managed Security Service Provider (MSSP). We are dedicated to keeping our customers safe, secure and protected while doing business on the Internet.

AuthLite

AuthLite

With AuthLite, you can keep using all your existing software, with added two-factor authentication security placed exactly where you need it.

Qrator Labs

Qrator Labs

Qrator Labs is a leader in DDoS attack mitigation, helping organizations protect their websites from the most harmful, sophisticated DDoS attacks.

Grove Group

Grove Group

Grove provides businesses with the tools that work best for their unique operations, through cybersecurity and cloud services, custom software development and our big data analytics expertise.

Mindaro Insurance

Mindaro Insurance

Mindaro is adding the crucial piece of the cyber security puzzle that protects your organization from the financial ramifications of cyber attacks.

Certihash

Certihash

Certihash have developed the world’s first blockchain empowered suite of information security tools based on the NIST cybersecurity framework.

N2K Networks

N2K Networks

N2K Networks is the world’s first “news to knowledge” network. The news to knowledge network is how you stay at the cutting edge in a rapidly changing world.

National Cybersecurity Agency (ACN) - Italy

National Cybersecurity Agency (ACN) - Italy

The ACN is the National Authority for Cybersecurity in Italy. the Agency promotes public-private initiatives to strengthen the national cybersecurity and resilience posture.

Theos Cyber Solutions

Theos Cyber Solutions

Theos Cyber provides service-first cybersecurity solutions to digital businesses in Asia.

Rootly

Rootly

Rootly is an incident management platform on Slack that helps automate manual admin work during incidents.

Offenso Hackers Academy

Offenso Hackers Academy

At Offenso we focus on cyber security training focused on producing cyber security professionals with a wide range of abilities to counter threats from the internet and cloud to a business.

MadWolf Technologies

MadWolf Technologies

MadWolf’s mission is to deliver enterprise-quality managed services and focused applications to organizations operating in the non-profit, association and international development sectors.

Swick Technologies (SWICKtech)

Swick Technologies (SWICKtech)

SWICKtech offer IT managed services to increase IT security, stability, and performance for your organization.