Rise of fraudsters pretending to call from Amazon: Here’s why you shouldn’t be tricked into pressing ‘one’ on the keypad
- The CTSI has issued a warning that scammers are posing as Amazon employees
- Around 7.9m UK homes now have Amazon Prime membership
- Scammers scare victims into believing they’re paying a £29 music subscription
Scammers are telephoning Amazon Prime customers in a bid to access private information and bank account details.
While fraudsters often attempt to mimic huge, familiar companies, this is often down the route of email or text with phishing links.
However, the Chartered Trading Standards Institute has today warned that there has been a sharp uptick of phone calls from scammers to households, asking them to press ‘one’ on the keypad.
If they are tricked into doing so, they will be taken through to a fraudster posing as a customer service representative at the e-commerce giant.
Amazon is the biggest e-commerce retailer in the world. Some 7.9m UK households with Amazon Prime membership are being targeted by scammers
Amazon Prime is in almost 7.9million UK homes, according to figures for the first three months of the year and it is likely this figure has surged during lockdown, offering movies and TV shows, along with free, quicker deliver.
It means Amazon has increased its subscriber base by 6.7million households in the past five years.
Scammers often pose as various authority figures, such as employees of government departments as well as private companies and banks.
While scams are rife, This is Money reported this week that few are able to identify them.
High street bank TSB conducted an experiment where it showed 2,000 people 20 emails and texts, half of which were fraudulent, and found only 18 per cent correctly spotted all 10 scams.
How are scammers trying to defraud Amazon victims?
Scammers target victims in various ways, including email and the telephone.
Households are receiving automated telephone calls informing them that they have opened an Amazon Prime account and that they should ‘press one’ to cancel the transaction.
How do I know if an email or website link is from Amazon?
Amazon says its emails will always come from an address that ends @amazon.co.uk, for example, firstname.lastname@example.org; email@example.com; firstname.lastname@example.org.
Links to legitimate Amazon websites start with https://www.amazon.co.uk or the equivalent if you’re visiting an international Amazon site, for example: https://www.amazon.fr
Amazon warns never to click on a link, open an attachment or respond to an email you suspect to be fraudulent.
Upon pushing the button, the call connects to a fraudster posing as an Amazon customer service representative.
The CTSI says the scammer then informs the recipient of the call that their subscription was purchased fraudulently due to a supposed ‘security flaw’ on the targeted person’s computer.
The bogus Amazon representative then asks for remote access to the recipient’s computer, supposedly to fix the security breach.
However, this is where people become victims.
Remote access gives control access allowing the scammers to steal personal information, including passwords and banking information.
An email version of this scam has also emerged claiming the target has started an Amazon music subscription charged at £28.99 per month.
However, by clicking on the link provided to ‘cancel’ the subscriptions and ‘receive a refund’ victims are again opening themselves up to parting with their account details and having their accounts raided.
Real or fake – can you spot the difference? This phishing email landed in our inbox today
Will Amazon contact you in this way?
Katherine Hart, lead officer at CTSI, said: ‘Due to the Covid-19 pandemic, people are spending more time at home and more people are using internet platforms for shopping than ever before.
‘Phishing scams targeting users of big platforms like Amazon have existed for a long time, but the current crisis has made them more vulnerable.
Amazon said in a statement: ‘We take phishing and spoofing attempts on our customers seriously and will never call a customer for payment outside of our website.’
The company also encouraged customers with concerns to check Amazon’s help pages for guidance.
What can you do if you’ve been scammed?
If you’ve been scammed or contacted by a fraudster posing as an Amazon representative you should follow these steps:
· Report the calls or emails to Action Fraud, Citizen’s Advice, or if in Scotland report it to Police Scotland by dialling 101
· To report email scams you can also contact the National Cyber Security Centre (NCSC) by emailing email@example.com and for Amazon specific fraud you can forward it to firstname.lastname@example.org
· Protect and empower yourself or your business by joining Friends Against Scams and Businesses Against Scams, respectively.
· If you need further advice and guidance on how to protect yourself, or your business, from fraud and cybercrime, click here.
Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.