Amazon Prime Scam Cost Victims £1m

Uploaded on 2020-02-03 in GOVERNMENT-Law Enforcement, FREE TO VIEW

Hundreds of people in the UK  have fallen victim to an Amazon Prime scam which has seen them collectively lose over £1m in just three months. Between 1 October 2019 and 16 January 2020, the National Fraud Intelligence Bureau (NFIB) identified 571 reports of Amazon Prime-related Computer Software Service Fraud. The scam has seen fraudsters steal over £1M from victims.

Victims receive an automated call telling them they’ve been charged for an Amazon Prime subscription, or that they’re eligible for a refund for an unauthorised transaction, on their Amazon account. As customers try to cancel the transaction, they’re put through to the scammer who is posing as an Amazon customer service representative. The victim is told that as the subscription was purchased fraudulently, remote access is needed to the computer to fix a security flaw.

The scam, which we first reported on in October, involves victims receiving an automated call, informing them that they have been charged for an Amazon Prime subscription. They are subsequently instructed to ‘press 1’ to cancel the transaction. When they do this, they are directed to a fraudster posing as an Amazon customer service representative.

The fraudster advises the victim that their subscription was purchased fraudulently and that remote access to their computer is required in order to fix a security flaw that will prevent it from recurring. The victim is asked to download a remote access application, often the ‘Team Viewer’ app, which grants the fraudster access to their computer.

The Team Viewer software is then mis-used by the criminal to monitor the victim logging onto their online bank account, which allows the fraudster to see the victim’s personal and financial details. Other variants of the crime involve fraudsters stating that the recipient is eligible for a refund for an unauthorised transaction on their Amazon account.

Take steps to protect yourself

Personal Information. Always question uninvited approaches in case it’s a scam. Instead, contact the company directly using a known email or phone number.
Stay in Control. Have the confidence to refuse unusual requests for personal or financial information. It’s easy to feel embarrassed when faced with unexpected or complex conversations. But it’s fine to stop the discussion if you do not feel in control of it.

Remote Access. Never install any software or visit a website as a result of a cold call. Unsolicited requests for remote access to your computer should always raise a red flag.

Hang up. If you feel harassed or intimidated, end the call. You have the right not to feel pressurised.

Ring the organisation. If you’re unsure whether the caller is genuine, you can always ring the company they claim to be from. Make sure you find the number yourself and don't use one provided by the caller.

Don't be rushed. Scammers will try to rush you into providing personal details. They may say they have a time-limited offer or claim your bank account is at risk if you don't give them the information they need right away.

Action Fraud:       Your Money:    Andover Advertiser:  

You Might Also Read:

Cyber Crime Costs Britain $27 Billion:


 

 

« Smart Cities Will Soon Be Under Attack
Looking For A Career In Cybersecurity? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Imperva

Imperva

Imperva is a leading provider of data and application security solutions including DDoS protection, Web application security, Data security and Cloud security.

British Insurance Brokers’ Association (BIBA)

British Insurance Brokers’ Association (BIBA)

BIBA is the UK’s leading general insurance intermediary organisation. Use the ‘Find Insurance‘ section of the BIBA website to find providers of cyber risk insurance in the UK.

Atomicorp

Atomicorp

Atomicorp, the leader in Secure Linux, is a developer of solutions for the protection and support of cloud, virtual, shared, and dedicated web hosting environments.

Coro Cybersecurity

Coro Cybersecurity

Coro (formerly Coronet) empowers organizations to protect against malware, ransomware, phishing, and botnets - across devices, users, and cloud applications.

SecureMetric Technology

SecureMetric Technology

SecureMetric is one of SE Asia’s leading players in the field of digital security with a focus on Software Licensing Protection, 2-Factor Authentication, Advanced Identity and Access Management, Publi

Resilience First

Resilience First

Resilience First is a not-for-profit organisation, led and funded by business to strengthen collective business resilience in all areas, including cyber security.

ExpressVPN

ExpressVPN

ExpressVPN is a Virtual Private Network services provider offering secure encrypted access to the internet.

Fugue

Fugue

Fugue ensures cloud infrastructure stays in continuous compliance with enterprise security policies.

DigitalXRaid

DigitalXRaid

DigitalXRAID is driven and motivated to ensure the bad guys don’t win. We’re dedicated to providing our clients with state-of-the-art cyber security solutions.

Cyber-Physical Systems Security Institute (CPSSI)

Cyber-Physical Systems Security Institute (CPSSI)

CPSSI is a non-profit, by-invitation-only research and educational organization focused on practical and theoretical solutions to the cybersecurity challenges facing Cyber-Physical Systems.

YL Ventures

YL Ventures

YL Ventures funds and supports brilliant Israeli tech entrepreneurs from seed to lead.

Netography

Netography

Netography provides a scalable and reliable platform for detection & remediation of cyber threats found on your network.

Information & Communications Technology Association of Jordan (int@j)

Information & Communications Technology Association of Jordan (int@j)

The Information & Communications Technology Association of Jordan is a membership based ICT and IT Enabled Services (ITES) industry advocacy, support and networking association.

Digital Boundary Group (DBG)

Digital Boundary Group (DBG)

Digital Boundary Group (DBG) is an information technology security assurance services firm providing information technology security auditing and compliance assessment services to clients worldwide.

Stryve

Stryve

Stryve is a leading carbon-neutral provider of specialist cloud and cybersecurity services in Europe.

Federal Bureau of Investigation (FBI)

Federal Bureau of Investigation (FBI)

The mission of the FBI is to protect and defend against intelligence threats, uphold and enforce criminal laws, and provide criminal justice services.