Amazon attracts millions of shoppers worldwide because of its wide selection of products and tempting price deals. However, Amazon attracts not only the innocent but also crooks and scammers out to prey on its gullible clientele.
Earlier this month, posts on the Comparitech blog and Naked Security news site revealed that a new phishing scam has been duping Amazon shoppers. Despite having been reported by users many times, the fraudster, known as Sc-Elegance, had managed to evade being caught, usually by disappearing for a while when things seemed to start getting hot, only to reappear later under a different seller account.
Amazon has already removed the Sc-Elegance listings and shut down the account, but the perpetrators will most likely come back under a different guise, since the scheme seems to be lucrative for the criminals, according to Comparitech.
Sc-Elegance reportedly posted listings of high-end electronic products marked as “Used - Like new.” At the sight of irresistible and heavily discounted price offers, gullible shoppers added the items to their carts. But, when checkout time came, the buyers were notified that there were problems with their orders. Nothing unusual about this at all — it does happens from time to time. The catch here is that there never was such merchandise to begin with.
The fraudulent merchant then emailed the buyers, telling them that it was all a boo-boo on the seller’s part and that stocks were still available at a different location. The email provided a link to a payment page that, to an untrained eye, looked like an authentic Amazon page but was actually designed to collect personal and financial information from buyers.
To avoid falling into traps like these, you need to be extra vigilant and pay attention to confirmation emails that you receive after placing orders, especially those messages that ask you to go to a certain site, click a link or download attachments.
For instance, one tell-tale sign of bogus emails is the presence of sloppy writing in the email — especially misspellings and grammar errors. However, not all scammers failed English 101, so some phishing emails actually do sound and look professional. So, looking for language anomalies may not be 100 percent reliable, but they are usually red flags.
Before clicking on links, downloading attachments or installing software, first check that the email does come from Amazon. For instance, if the “From” line of the email doesn’t have “@amazon.com” in the address, then it is surely from someone else.
Or, if the email asks you to update your payment information, first check the Payments section in the Manage Payment Options page in your Amazon account. If it does not ask you for updated info, then the email that you got is certainly not from Amazon. As a general rule, never pay or provide payment info outside Amazon’s official site. This also means never transacting with an Amazon seller through email or some other means outside the Amazon system.
[Image credit: screenshots via Naked Security; anonymous hacker and cyber criminal man coming out from computer laptop screen via Shutterstock ]