Fake Amazon text seeks to steal your personal data and rip you off blind

June 2024 ยท 4 minute read

There are so many ways to get tricked into giving up your personal information that it's scary. The latest scam takes advantage of the 300 million active global accounts (200 million global paying customers) that Amazon has. If a scam artist could somehow trick a small percentage of Amazon customers into giving up some of their personal information, he could probably put himself in a position to steal plenty of money by making unauthorized purchases.

If you get a text from Amazon asking for your personal information, do not answer it

Here's how this scam works. A bad actor obtains your personal information allowing him to change the password on your Amazon account. He changes the address of the account to a PO Box he controls and starts ordering expensive items that are charged to your card. By the time you realize what's going on, these pricey products have been converted to cash. At the end of the day, if you're lucky, the credit card company takes the hit. Video Thumbnail
And one way that these scammers are obtaining personal data is by sending out bogus text messages pretending to be from Amazon. WGAL-TV in Lancaster, Pennsylvania reports that a text claiming to be from Amazon has been received by some smartphone owners. The text says that it is from Amazon Assistance and states, "We have detected a problem with your account information. Please verify your information correctly."

What the scammer is hoping you'll do is click on a link in the text and fill in the requested information that will allow the bad actor to hijack your Amazon account. Usually, such texts have a number of grammatical and spelling errors. This one just has one which you might not notice (the text says "This is simple step to recover your account"). The fear of getting locked out of his/her Amazon account is used to motivate the target. The text says that the personal information requested in the text needs to be "verified by Amazon" or else the user will not be able to access his/her Amazon account.

Depending on the personal data stolen, there is also the possibility that the scammer can get into your bank account and change the password and address.

There are some red flags including an email address that is a long series of numbers and letters that looks suspicious. Amazon says that its legitimate websites will have a name followed by .Amazon.com, and it never includes links to an IP address consisting of a long string of numbers.

If you do receive a text that asks for personal information or demands payment for something you don't recall buying, call the company that purportedly sent the text message using a phone number sourced from Google or a legitimate source.

You should call the company that purportedly sent the text message if you're not sure it's legit

Keep in mind that looking for spelling errors and grammatical errors is a good way to filter out scams from real texts. But it is not perfect. This writer once received a text from Verizon Wireless that contained several spelling errors and it was seeking personal information about my account. I called Verizon and it turned out to be a legitimate text. But note that yours truly did call the company and if you're not sure about the legitimacy of a message, that is the best thing that you can do (as long as you don't call a phone number included with the questionable text).

Yet another time, in the early days of phishing (sending out an email or text that looks legit thanks to the use of official logos), I fell for a scam directed at my eBay account and supplied enough info for the scammer to take control of my eBay account within minutes. All of a sudden, on my account, there were expensive cameras and photography gear for sale that no one-especially the scammer-owned.

My account was targeted thanks to a high 99% positive feedback rating. The scammer was hoping to attract buyers who would feel comfortable spending huge amounts of money because of the high rating. The products ordered, of course, would never arrive. Eventually, I was able to get control of my account back before anyone got ripped off.

Don't be a victim. Make sure a text or even an email is legit before sharing your personal information.

ncG1vNJzZmivp6x7sbTOp5yaqpWjrm%2BvzqZmp52nqHynrcqeZJqlka%2B8r3nTnq%2BtZaOasqy%2FjK2mZqukmq6tec%2Beqaynnpa5brDArZiYoZRmgXR%2Fl3I%3D