Amazon Prime Scam Cost Victims £1m

Uploaded on 2020-02-03 in GOVERNMENT-Law Enforcement, FREE TO VIEW

Hundreds of people in the UK  have fallen victim to an Amazon Prime scam which has seen them collectively lose over £1m in just three months. Between 1 October 2019 and 16 January 2020, the National Fraud Intelligence Bureau (NFIB) identified 571 reports of Amazon Prime-related Computer Software Service Fraud. The scam has seen fraudsters steal over £1M from victims.

Victims receive an automated call telling them they’ve been charged for an Amazon Prime subscription, or that they’re eligible for a refund for an unauthorised transaction, on their Amazon account. As customers try to cancel the transaction, they’re put through to the scammer who is posing as an Amazon customer service representative. The victim is told that as the subscription was purchased fraudulently, remote access is needed to the computer to fix a security flaw.

The scam, which we first reported on in October, involves victims receiving an automated call, informing them that they have been charged for an Amazon Prime subscription. They are subsequently instructed to ‘press 1’ to cancel the transaction. When they do this, they are directed to a fraudster posing as an Amazon customer service representative.

The fraudster advises the victim that their subscription was purchased fraudulently and that remote access to their computer is required in order to fix a security flaw that will prevent it from recurring. The victim is asked to download a remote access application, often the ‘Team Viewer’ app, which grants the fraudster access to their computer.

The Team Viewer software is then mis-used by the criminal to monitor the victim logging onto their online bank account, which allows the fraudster to see the victim’s personal and financial details. Other variants of the crime involve fraudsters stating that the recipient is eligible for a refund for an unauthorised transaction on their Amazon account.

Take steps to protect yourself

Personal Information. Always question uninvited approaches in case it’s a scam. Instead, contact the company directly using a known email or phone number.
Stay in Control. Have the confidence to refuse unusual requests for personal or financial information. It’s easy to feel embarrassed when faced with unexpected or complex conversations. But it’s fine to stop the discussion if you do not feel in control of it.

Remote Access. Never install any software or visit a website as a result of a cold call. Unsolicited requests for remote access to your computer should always raise a red flag.

Hang up. If you feel harassed or intimidated, end the call. You have the right not to feel pressurised.

Ring the organisation. If you’re unsure whether the caller is genuine, you can always ring the company they claim to be from. Make sure you find the number yourself and don't use one provided by the caller.

Don't be rushed. Scammers will try to rush you into providing personal details. They may say they have a time-limited offer or claim your bank account is at risk if you don't give them the information they need right away.

Action Fraud:       Your Money:    Andover Advertiser:  

You Might Also Read:

Cyber Crime Costs Britain $27 Billion:


 

 

« Smart Cities Will Soon Be Under Attack
Looking For A Career In Cybersecurity? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CloudCheckr

CloudCheckr

CloudCheckr is a next-gen cloud management platform that unifies Security & Compliance, Inventory & Utilization and Cost Management.

Resilia

Resilia

RESILIA is a comprehensive portfolio of tools and training to help your organization achieve global best practice in cyber security.

i-Sprint Innovations

i-Sprint Innovations

i-Sprint is a leader in Securing Identity and Transactions in the Cyber World for industries that are security sensitive.

Elliptic

Elliptic

Elliptic solve the crucial problem of identity in cryptocurrencies, with the sole purpose of combating suspicious and criminal activity.

CM Blockchain Security Center

CM Blockchain Security Center

We are dedicated to building a healthier blockchain ecosystem, providing solutions to security technology, and helping those who practice in the area of blockchain to get insight into industry trends.

Meriplex

Meriplex

Meriplex is a Managed Services provider specializing in Intelligent Networks, Cybersecurity and Cloud Communications.

Greenberg Traurig (GT)

Greenberg Traurig (GT)

Greenberg Traurig, LLP (GT) is a global law firm with offices in 40 locations in the United States, Latin America, Europe, Asia, and the Middle East.

Rede Nacional CSIRT

Rede Nacional CSIRT

Rede Nacional CSIRT is a national network of CSIRTs in Portugal aimed at cooperation and mutual assistance in the handling of incidents and in the sharing of good security practices.

AgileBlue (Agile1)

AgileBlue (Agile1)

AgileBlue (formerly Agile1) is a managed breach detection company with an Autonomous SOC-as-a-Service for 24×7 monitoring, detection and guided response.

Wavex Technology

Wavex Technology

Wavex Technology is an award winning IT Services firm offering clients a secure and fully managed IT service.

Computer Services Inc (CSI)

Computer Services Inc (CSI)

CSI is a leading fintech, regtech and cybersecurity solutions partner operating at the intersection of innovation and service.

Waterleaf International

Waterleaf International

Waterleaf provide advanced network and cybersecurity solutions - informed by data sciences. Transforming Connectivity, Security and Information for Municipalities, Government & Enterprise.

Aurascape AI

Aurascape AI

Aurascape is working on advanced cybersecurity solutions powered by grounds-up generative AI architecture.

CarbonHelix

CarbonHelix

CarbonHelix provides cybersecurity services from US-based security operations centers that meet the highest compliance requirements.

Lenze

Lenze

Lenze are an experienced partner for automation systems, digitalization and cyber security.

EK3 Technologies

EK3 Technologies

EK3 Technologies mission is to provide comprehensive cybersecurity and IT solutions that allow our clients to focus on sustaining their business.