The Amazon Phone Scam

by | Nov 17, 2022

Last Updated:
Nov 17, 2022

With Amazon being by far the largest online marketplace, it’s bound to be the focal point for plenty of scams and fraud. In fact, according to this report by the FTC, 1 in 3 people who reported a business impersonator said the scammer claimed to be working for Amazon. Scams such as smishing text messages offering free rewards cards and fake package delivery notifications have both seen their fair share of use in the past few years.

This Amazon phone scam is a bit different, however, because it relies less on people clicking on malicious links, and more on taking advantage of an individual verbally—as in most of the scam happens completely over the phone. 

While the average person may believe they’d never fall for a scam (especially one where they’re constantly talking with the criminal) the results have shown otherwise. From that same report done by the FTC, about 96,000 people reported being targeted, and nearly 6,000 said they lost money. Reported losses totaled more than $27 million, with the median individual loss being $1,000.

So, how do they do it? It all begins with a simple call. 

How it starts

Typically, in scams like this, there are two different ways the initial call is started.

Either:

  • Your number was collected somewhere online, and they call you

Or

  • You received a scam email or text message referencing a number to call for “help”

They call you

If the bad guys are the ones initiating the conversation, you’ll receive a call from a random number. However, the criminals can spoof these numbers to change the area code to copy yours, or even change the caller-ID to Amazon/Amazon Representative/etc. 

You call them

You might be wondering, “Why would I call the scammers?”, but there’s actually a handful of reasons. For starters, you may receive an email with the subject: “your password has been changed”, “account suspended from fraudulent activity”, or something like “package delivery delayed”.

All of these are meant to take advantage of a person’s fear and panic response. Not to mention, these emails can be exact replicas of the ones that Amazon sends out—give or take a few things.

Here’s a perfect example of what one of these emails could look like. If it wasn’t realistic enough already, these emails may include links that take you directly to Amazon’s official site. The entire incentive of the criminals is to get you to call the number contained within.
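Because these emails can link to the genuine Amazon site, checking links alone will not catch them. The sketch below is an added example, not part of the original article: it flags the call-back pattern described above using the sender domain, the subject lines quoted earlier, and the presence of a phone number. The sample message, the `TRUSTED` list, and the `triage` function are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample, not a real message; domain and number are placeholders.
SAMPLE = '''From: "Amazon Support" <alerts@account-notice.example>
To: reader@example.org
Subject: Account suspended from fraudulent activity
Content-Type: text/plain; charset="utf-8"

We detected fraudulent activity on your account.
Review your orders at https://www.amazon.com/ or call (202) 555-0143 now.
'''

# Subject phrases quoted in the article (lower-cased).
URGENT = ("your password has been changed",
          "account suspended from fraudulent activity",
          "package delivery delayed")
TRUSTED = ("amazon.com",)  # assumption: sender domains accepted as genuine
PHONE = re.compile(r"(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}")

def body_text(msg):
    """Join every text/plain part, decoding any transfer encoding."""
    out = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            out.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(out)

def triage(raw_email):
    """Return the reasons a message matches the call-back scam pattern."""
    msg = message_from_string(raw_email)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    genuine = any(domain == d or domain.endswith("." + d) for d in TRUSTED)
    reasons = []
    if "amazon" in name.lower() and not genuine:
        reasons.append(f"display name claims Amazon, sender domain is {domain}")
    if any(p in msg.get("Subject", "").lower() for p in URGENT):
        reasons.append("subject uses an urgency phrase")
    # Links are deliberately not scored: they may point at the real site.
    numbers = PHONE.findall(body_text(msg))
    if numbers:
        reasons.append(f"asks for a call to {numbers[0].strip()}")
    return reasons

if __name__ == "__main__":
    for reason in triage(SAMPLE):
        print("FLAG:", reason)
```

The From header can be forged, so a mail filter would pair this with the SPF, DKIM, and DMARC results rather than trusting the sender domain on its own.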

What happens on the phone call?

Regardless of how the call is started, it will most likely end up with the “Amazon representative” confirming that your account or your device is hacked.

Before you start to panic, the “representative” generously offers to transfer you over to the tech department where they can thankfully resolve the issue.  

Once you are transferred (these criminals can work in huge call centers with each person having a designated role), the tech support team will work with you to install “antivirus software” and ask you to run a scan on your device. After this “software” is installed, it’ll allow criminals to have complete control of your device, anytime, anywhere.

This is known as remote access software and can appear as TeamViewer, AnyDesk, and various other programs. These programs are official and completely legit, but most importantly, they aren’t viruses—so your real antivirus won’t pick them up if you scan for them.

To learn more about remote access software, we explain what it is, how to remove it, and more in this article.

How it can hurt you

After it’s installed, the criminals have most of what they need.

Important: If you have auto-fill for passwords enabled, they have practically everything they need.

Even if you don’t, they’ll search everywhere on your device for your passwords. If that doesn’t work, they’ll start resetting all your passwords using any emails connected to the device.

The results of an attack such as this can be devastating. Not only will all your accounts be compromised, but every single piece of vulnerable information can and will be collected.

What to do if you believe you are a victim

If all of this sounds familiar and you have installed some form of “antivirus software” on your device after talking to someone claiming to be an Amazon representative, here are some immediate steps to take.

1. Attempt to remove the software

This can be difficult to do, especially for an individual who doesn’t consider themselves tech-savvy. If you aren’t confident in your abilities to remove the software, completely power off your device or disconnect your computer from the internet—this prevents criminals from doing anything with the software.

Do NOT uninstall random programs you do not recognize; this can do much more harm than good.

To learn more about how to find and remove the software, we explain in this article how to do so and provide alternatives if you can’t do it yourself.

2. Change your passwords for all your financial and important accounts

Do this only AFTER you remove the remote access software or if your device is completely disconnected. 

Every account that you believe would cause financial damage if compromised needs to have the password connected to it changed.

Make sure to use unique passwords for every account, with a MINIMUM of 12 characters and a combination of numbers, letters, and symbols.

3. Monitor your financial and credit statements vigorously

This is a healthy habit to get into regardless of whether you’ve been compromised or not.

Monitoring your statements daily lets you catch any fraudulent charges early, giving you plenty of time to report them to the financial institution.

To learn how to check your credit statements and detect credit fraud, check out our blog page where we show you how to pull your credit reports and the best methods for preventing the opening of new accounts.

How to protect yourself from scams like this

The Amazon phone scam is just one of the countless different ways cybercriminals try to exploit people. Here are some general steps you can take to reduce your risk of becoming a victim of most, if not all, scams.

  1. Companies will NEVER call you to have you install anything or ask for any sensitive information.
  2. NEVER call a phone number contained within an email, always go directly to the company’s site.
  3. NEVER click on any links or download any files contained within an email. If you receive an email saying your account has been compromised, try logging in directly to your account online before doing anything—chances are this is just a scam email. If you are unable to log in, and you believe your account is compromised, make sure you visit the company’s official site and look for a phone number to call to reset access to your account.

Most importantly, never hesitate to ask friends or family for help. If you are suspicious of something, know that all it can take is one click to compromise your device.

If you want to stay up to date on the latest and greatest cyber threats, subscribe to our newsletter for more content, and make sure to check out some of our other blog posts.
