Blog

The Amazon Fraud

As shared by our contributor

I experienced an Amazon fraud yesterday and want you to be vigilant if you are using Amazon for  online shopping.

Alert from Amazon

Yesterday I got an SMS stating '10000/- added to your Amazon pay back account'.

 

Soon after I got three SMS of 3 payments to Torent power, Ahmedabad with total 9100/-.

My Reaction

Firstly I thought it was a fake SMS and felt like ignoring it. Soon I realized that I may have been a victim of Amazon Fraud. So I checked my amazon app and all these 3 transactions were reflecting in "your order" section. I immediately reached out to Amazon and they confirmed that the transaction took place and forwarded my request to investigating department with promise that it will be reverted if found fraud.

Findings & Modus Operandi

As I am passionate for cyber security, I thought of checking the security setting of my own App and I would like to share my findings and action taken for prevention of loss in future from Amazon Fraud. By checking Notification section in my Amazon App, I was surprised to see my account was accessed from Tamilnadu's desktop and Maharashtra's mobile (not mine). It appears that the fraudsters cracked my password and enabled the new new feature of Auto-Repayment functionality (Pre-approved loan of Rs 10000/-) on my account. This they utilized to carry out the transaction.

 

Lesson Learnt

1. Two-Factor Authentication: I found my account was not enabled for two factor authentication. Two Factor Authentication would have ensured that even if my password was compromised, the fraudster would have needed OTP to do a successful login to my account. The Two-Factor Authentication can be enabled by -

Your account >>> Login & Security >>>> Two Step Verification (2SV) settings>> Mention Primary number and a Secondary number with OTP option >>>> Enable Two Step Verification.

 

2. Change Password. Changed password with strong combinations. You can do it by

Your account >>> Login & Security >>>>update password.

 

3. Third Party Apps for Login. Disabled/removed all third party apps mentioned in the setting. This can be done by

Your account >>> Login with Amazon >>> Delete any third party apps mentioned >>>> Ignore if none

Conclusion

Awareness is the key to avoiding victimization of any kind of Cyber Crime including the Amazon Fraud type of crime. Take all preventive measures to ensure that cyber criminals don't succeed in their effort.

 

Write your comment/suggestion/query is you have. 

 

Contribute such real-life incidents at info@weseso.org

 

Also Visit:https://weseso.org/cyber-warrior-blog/

https://www.amazon.in/Stories-Cyber-Crime-Protection-Mantra/dp/1684666023

0 5