Amazon Prime Scam Cost Victims £1m

Hundreds of people in the UK  have fallen victim to an Amazon Prime scam which has seen them collectively lose over £1m in just three months. Between 1 October 2019 and 16 January 2020, the National Fraud Intelligence Bureau (NFIB) identified 571 reports of Amazon Prime-related Computer Software Service Fraud. The scam has seen fraudsters steal over £1M from victims.

Victims receive an automated call telling them they’ve been charged for an Amazon Prime subscription, or that they’re eligible for a refund for an unauthorised transaction, on their Amazon account. As customers try to cancel the transaction, they’re put through to the scammer who is posing as an Amazon customer service representative. The victim is told that as the subscription was purchased fraudulently, remote access is needed to the computer to fix a security flaw.

The scam, which we first reported on in October, involves victims receiving an automated call, informing them that they have been charged for an Amazon Prime subscription. They are subsequently instructed to ‘press 1’ to cancel the transaction. When they do this, they are directed to a fraudster posing as an Amazon customer service representative.

The fraudster advises the victim that their subscription was purchased fraudulently and that remote access to their computer is required in order to fix a security flaw that will prevent it from recurring. The victim is asked to download a remote access application, often the ‘Team Viewer’ app, which grants the fraudster access to their computer.

The Team Viewer software is then mis-used by the criminal to monitor the victim logging onto their online bank account, which allows the fraudster to see the victim’s personal and financial details. Other variants of the crime involve fraudsters stating that the recipient is eligible for a refund for an unauthorised transaction on their Amazon account.

Take steps to protect yourself

Personal Information. Always question uninvited approaches in case it’s a scam. Instead, contact the company directly using a known email or phone number.
Stay in Control. Have the confidence to refuse unusual requests for personal or financial information. It’s easy to feel embarrassed when faced with unexpected or complex conversations. But it’s fine to stop the discussion if you do not feel in control of it.

Remote Access. Never install any software or visit a website as a result of a cold call. Unsolicited requests for remote access to your computer should always raise a red flag.

Hang up. If you feel harassed or intimidated, end the call. You have the right not to feel pressurised.

Ring the organisation. If you’re unsure whether the caller is genuine, you can always ring the company they claim to be from. Make sure you find the number yourself and don't use one provided by the caller.

Don't be rushed. Scammers will try to rush you into providing personal details. They may say they have a time-limited offer or claim your bank account is at risk if you don't give them the information they need right away.

Action Fraud:       Your Money:    Andover Advertiser:  

You Might Also Read:

Cyber Crime Costs Britain $27 Billion:


 

 

« Smart Cities Will Soon Be Under Attack
Looking For A Career In Cybersecurity? »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ProfitBricks

ProfitBricks

ProfitBricks is a secure cloud computing infrastructure-as-a-service (IaaS) solution.

GovCERT.CZ

GovCERT.CZ

GovCERT.CZ is the Government Computer Emergency Response Team of the Czech Republic.

4N6

4N6

4N6 is a privately-owned firm founded with the goal of providing expert knowledge of computer forensics.

Romanian Association for Information Security Assurance (RAISA)

Romanian Association for Information Security Assurance (RAISA)

RAISA promotes and supports information security activities and creates a community for the exchange of knowledge between specialists, academic and corporate environment in Romania.

AnChain.AI

AnChain.AI

AnChain.AI's analytics platform proactively protects crypto assets by providing proprietary artificial intelligence, knowledge graphs, and threat intelligence on blockchain transactions.

Netizen

Netizen

Netizen is an award-winning company that develops and leverages innovative solutions to enable a more secure cyberspace for clients in government and commercial markets.

Cyberi

Cyberi

Cyberi provide specialist technical consultancy and cyber advisory services, from penetration testing and assurance to incident management and response, and technical security research.

HiddenLayer

HiddenLayer

HiddenLayer is a provider of security solutions for machine learning algorithms, models and the data that power them.

ACI Learning

ACI Learning

ACI Learning - Training tomorrow’s industry leaders with formats for all types of learners in Audit, Cybersecurity, and IT.

Spera Security

Spera Security

Spera helps identity security professionals effectively and confidently measure, prioritize and reduce identity risk to better protect the organization from identity-based attacks.

DESCERT

DESCERT

DESCERT offers you an extended IT, cyber security, risk advisory & compliance audit team which provides strategic guidance, engineering and audit services.

Agile Defense

Agile Defense

Agile Defense is an Information Technology services provider, delivering leading-edge Digital Transformation solutions to the Federal Government.

Sentar

Sentar

Sentar is a cyber intelligence company, applying advanced analytics and systems engineering expertise to protect our national security by securing mission-critical assets.

Judy Security

Judy Security

Judy (formerly AaDya Security) provides smart, simple, effective, all-in-one cybersecurity for SMBs. Get the 24/7 protection and support you deserve, at a price you can afford.

TraitWare

TraitWare

The TraitWare mission is to increase user and company security while simplifying access to digital and physical resources through the elimination of the need for usernames and passwords.

Planisys

Planisys

Planisys is a cybersecurity leader specializing in cutting-edge DNS security and email security solutions.