21st July 2020

Amazon phishing scam resurfaces

The Chartered Trading Standards Institute (CTSI) has gathered evidence that scammers are pretending to be Amazon representatives in order to gain victims’ banking details.


By JTS Staff
Journal of Trading Standards' in-house team
TYPE
SUBJECT
REGION
SHARE ARTICLE

Scammers posing as representatives of online retail giant Amazon are targeting the public via email and telephone in a series of phishing scams. The telephone scam consists of an automated call informing the recipient that they have opened an Amazon Prime account and should “press one” to cancel the transaction. Upon pushing the button, the call connects to a fraudster posing as an Amazon customer service representative.

The scammer informs the victim that their subscription was purchased fraudulently due to a supposed “security flaw” on the targeted person’s computer. The bogus Amazon representative then asks for remote access to the recipient’s computer, supposedly to fix the security breach. Remote access allows the scammers to steal personal information, including passwords and banking details.

The email version of the scam informs the target that they have started an Amazon Music subscription charged at £28.99 per month. Similarly, the email asks the recipient to click a link to cancel the subscription and receive a refund. The potential victim is asked to input their card details to receive the refund, instantly sending the details to fraudsters.

Katherine Hart, Lead Officer at CTSI, said: “Due to the COVID-19 pandemic, people are spending more time at home and more people are using internet platforms for shopping than ever before. Phishing scams targeting users of big platforms like Amazon have existed for a long time, but the current crisis has made them more vulnerable.

“Amazon will never cold-call customers, nor ask for remote computer access or payment over the phone. Do not give any details to the caller, and always verify directly with Amazon by logging into your official account and contacting customer support. Anyone who receives these calls or emails should report them to Action Fraud, or if in Scotland report it to Police Scotland by dialling 101.”