Social engineering is one of the most important tools for a cybercriminal dedicated to cyber scams. And it is that, for an attack to take effect, and to be able to affect the user, it is important that it be credible and attract their attention. This is achieved in many cases by impersonating well-known companies with which the user is likely to have some kind of relationship, and by sending emails in which discounts or prizes are announced. Amazon, the e-commerce giant of Jeff Bezos, is one of the companies most used by criminals to carry out their actions. Especially during shopping time, like the Black Friday, which is still kicking its tail, or the Christmas.
The cybersecurity company Kaspersky has shared through its official website Some of the most common methods used by cybercriminals when they impersonate Amazon to steal user data and money. “Scammers try to get hold of your data through fraudulent emails, text messages or calls that pretend to come from Amazon. There are dozens of phishing techniques, but, generally, they highlight the urgent nature “, they explain from Kaspersky.
You have signed up for Amazon Prime
In this fraud, the criminals contact the victim via email or SMS to inform them that they are going to charge them for having, in theory, Amazon Prime. The communication in this case is accompanied by a telephone number in order for the user to call by phone to report that it is an error and, therefore, want the collection to be suspended. From the cybersecurity firm they explain that if this action is carried out, criminals will take advantage of it to obtain credit card numbers and other personal data.
“There is another version of this strategy that persuades victims to install the TeamViewer remote access program on their computers. Thanks to her, they managed to steal thousands of pounds from British citizens for 3 months in 2019, “they point out from Kaspersky.
Someone has entered my account
A classic of cyber scams. In this case, cybercriminals contact you by email to inform you that some irregular action has been detected in your Amazon account and changes have been made to your information within the platform. To solve the mess, the user is asked to click on a hyperlink that redirects him to a page similar to the official Amazon in order to fill in his data again. The problem is that, as in so many other cases, it is a malicious site created in order to trick the victim into contributing the information without realizing it.
Did I buy that?
Imagine that, suddenly, an email arrives from Amazon in which the service informs you that you have just bought a 3,000-euro television and that they are processing the delivery; but that you have not performed that operation. Well, that is another of the tactics that cybercriminals often use to deceive you through email. And it doesn’t have to be a TV, it could also be a PlayStation 5 (hopefully, more than one will think), a jibarizado comic from DC to 50 euros or a cup. It does not matter. The objective is that you call a number that is indicated in the email so that, as in the first case, you deliver your personal and bank details.
As you may have guessed, calling is a bad idea. Again, scammers are looking for easy money and personal data. In fact, a woman in Australia lost 4,000 Australian dollars in this way, when scammers asked her to buy gift cards on Amazon, “they point out from Kaspersky.
The gift card trick
The cybersecurity firm also warns about cases in which private sellers request as payment for a product that uses an Amazon gift card. In these cases, it is best to distrust, since it is quite likely that it is a scam and you end up running out of money and without product. Kaspersky also highlights a related scam in which you receive an email allegedly asking your boss or a family member to buy multiple gift cards and send them to them. Oddly enough, they maintain that this trick is extremely successful.
You have received a prize
Another classic. Kaspersky explains that there are scammers who not only refer to the nature of urgency, but also try to attract you in another way. If they can’t intimidate you with arguments about hacking your account or suspicious transactions, they can send you an email about some bonus points that are about to expire or about a gift. But, at the end of the day, the result is the same: if you click on the link that accompanies the email in which they notify you, and enter your information on the fake site, they will go to the scammers .