Last week, July 12 and 13 were — together — Prime Day. Two days later, someone used Amazon to try to defraud our account.
Presumably, the crook assumed Amazon was going to be showing up on so many financial accounts this week that Prime Day would provide some air cover for increased fraudulent activity. This makes sense because Amazon Prime members purchased 100,000 items per minute during the Prime Day event, spending over $3 billion and purchasing more than 300 million items overall.
In other words, Prime Day gave fraudsters a target-rich environment.
Steve Bradford, Senior Vice President EMEA at identity security firm SailPoint, reports, “Fraudsters have never been so ruthless with their tactics, and they’re increasingly using ones that are far more personal and harder to spot. In the latest cases, we’re seeing an increase in phishing and credential harvesting email attempts linked to Amazon Prime Day.”
It’s true. My wife and I were among those targeted. In our case, it wasn’t a phishing attack. The bad guys had already harvested some of our personal information.
Sitrep (situation report)
On Monday, July 18, during a routine review of our bank accounts, we noticed a $193.77 charge from Amazon. This was anomalous because we never used that account to make purchases from Amazon.
CHECKCARD AMAZON. COM AMZN.C SEATTLE WA ON 07/15 – $193.77
The charge was incurred on 7/15, just three days earlier. We immediately did a deep dive into all our Amazon-related accounts, looking for a charge of $193.77. We were hoping against hope that we would find something to confirm it was legitimate because we didn’t want to shut down our checking account, which had many active transactions and payments which had not yet cleared.
We found no legitimate charge and became convinced the charge was fraudulent. Our next step was to contact the bank’s fraud department.
We spoke to a very helpful representative who clarified that the charge was, indeed, from Amazon. But it wasn’t a charge on our bank account. It was a charge on a rarely-used debit card attached to that account. We immediately closed that card, and the bank assured us they would return that amount to our account within a few days.
At this point, we had eliminated the risk of further fraudulent transactions and financial harm to us. But that wasn’t the whole story.
The rest of the story
We had a long conversation with the bank’s fraud rep, and in doing so, he determined that the charge originated from Amazon itself. This wasn’t a case of a fraudster faking Amazon’s identity to charge our card for cash. Instead, the crooks used our debit card to actually buy something from Amazon.
Where, exactly, the criminals got our debit card details remains unclear. There were no geographical records, so we couldn’t determine if the fraudsters were local and had somehow skimmed the card or were far away and had somehow obtained the card’s digits through a hack or a nefarious credential purchase.
The amount and purchase method were interesting because an extra under-$200 Amazon purchase during Prime Day week could go unnoticed by anyone with lax bookkeeping. It wasn’t an amount so high as to fire off an immediate panic, but it was certainly enough to provide value to the fraudster.
If we weren’t the only victim of this crook’s activity, I’m betting they got away with many charges that went unnoticed.
How we stayed safe
Our system works. Many years ago, we instituted what we call “banks and bills.”
We started doing this for our company back when we were a startup running on fumes. Originally, it involved a daily review of how much we had in our bank accounts, what payments were due to us, and what bills we had to pay. With a staff of employees and no external funding, we were living from client payment to client payment. Cash management was a necessity.
My wife and I also started using the banks and bills system for our personal expenses. For a deep dive into what this system is, read my article, “The single best way to protect yourself against credit card fraud” and then do what it says.
It works, as we proved this week.
It’s been a long time since we’ve had to do a daily financial review, but we do check all our accounts on a weekly, scheduled basis. Every week, we go down all our bank accounts to make sure the transactions make sense. This is how we caught this fraudster. With weekly banks and bills, it never takes us more than seven days to find a problematic transaction.
This week, as we went down the list of each transaction in the bank account, we noticed the odd $193.77 and immediately took action. Had we not had a weekly review of transactions, we might never have noticed that bill, or we might have noticed it too late for the bank to reverse the charges.
That’s how I recommend you keep your business and family safe as well. Do a banks and bills review weekly, double-check any questionable transactions, and you can be sure you’re always on top of your accounts.
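The same weekly check can be run over exported statements. The sketch below is an added example, not part of the original article: it flags any charge in the review window from a merchant never before seen on that particular account, which is the signal that exposed the $193.77 charge. The account names, the year, the other transactions and the merchant normaliser are all assumptions made for illustration.

```python
import re
from datetime import date, timedelta

# Constructed sample export: (account, posted date, statement description, amount).
# Only the 07/15 debit-card line comes from the article; the year and the
# other rows are made up for the example.
TRANSACTIONS = [
    ("credit-card", date(2022, 6, 20), "AMAZON.COM*1A2B3C SEATTLE WA", 42.18),
    ("credit-card", date(2022, 7, 12), "AMAZON.COM*4D5E6F SEATTLE WA", 129.99),
    ("checking-debit", date(2022, 6, 28), "CHECKCARD GROCERY MART #12 ANYTOWN", 84.10),
    ("checking-debit", date(2022, 7, 14), "CHECKCARD GROCERY MART #12 ANYTOWN", 61.35),
    ("checking-debit", date(2022, 7, 15),
     "CHECKCARD AMAZON. COM AMZN.C SEATTLE WA ON 07/15", 193.77),
]

def merchant_key(description):
    """Crude normaliser: drop the card-type prefix, keep the first word."""
    text = re.sub(r"^(CHECKCARD|POS|DEBIT)\s+", "", description.upper())
    match = re.match(r"[A-Z]+", text)
    return match.group(0) if match else text

def weekly_review(transactions, review_date, window_days=7):
    """Flag charges in the review window from a merchant new to that account."""
    window_start = review_date - timedelta(days=window_days)
    # Baseline: every (account, merchant) pair seen before the window opened.
    seen = {(acct, merchant_key(desc))
            for acct, day, desc, _ in transactions if day < window_start}
    flagged = []
    for acct, day, desc, amount in transactions:
        if not (window_start <= day <= review_date):
            continue
        merchant = merchant_key(desc)
        if (acct, merchant) in seen:
            continue
        flagged.append({
            "account": acct, "date": day, "merchant": merchant, "amount": amount,
            # A familiar merchant on an unfamiliar account is the article's case.
            "used_on_other_account": any(m == merchant and a != acct for a, m in seen),
        })
    return flagged

if __name__ == "__main__":
    for hit in weekly_review(TRANSACTIONS, review_date=date(2022, 7, 18)):
        print(hit)
```

Comparing per account rather than per household matters here: the Prime Day purchase on the credit card passes, while the same merchant on the rarely used debit card is flagged.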
If you have an issue with Amazon, you can also visit the company’s Report Something Suspicious page. They have a wealth of resources and tools for reporting fraudulent activity there.
More fraud prevention techniques
Beyond the banks and bills meeting, this is a good time to practice your financial situational awareness. Adrianus Warmenhoven, the cybersecurity expert over at NordVPN, has shared some Amazon-related scams he recommends you watch out for.
Adrianus says that since bogus marketplace sites are hard to distinguish from the genuine article, look for a slightly different domain name. Make sure you only visit Amazon by typing the full .com address, Amazon.com, into your browser. The URL you see at the top of the page should start with “https” rather than “http,” showing it is secure.
Adrianus recommends looking out for a classic social engineering scam that trades on Amazon’s well-known status and may include the company logo. These scams may claim there’s been a fraudulent access attempt or make some other request for identity. Our bank’s fraud rep told us that this was a big cause of scams they were encountering.
If you receive a message claiming to be from Amazon, do not click on any links. It’s likely there will be clues in the message, such as grammar errors and spelling mistakes, which show the message is not genuine. Once again, only visit Amazon by typing the Amazon URL into your browser.
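For anyone triaging reported messages, the domain and "https" checks above can be made mechanical. This is an added example, not from the article or from NordVPN; the sample links are constructed and use the reserved `.example` domain. It shows that "https" alone does not make a link genuine: the host itself must be amazon.com or one of its subdomains.

```python
from urllib.parse import urlsplit

def check_link(url, expected="amazon.com"):
    """Return the reasons a link should not be trusted as `expected` (empty = none)."""
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").rstrip(".").lower()
    problems = []
    # Necessary but not sufficient: a look-alike site can serve https too.
    if parts.scheme != "https":
        problems.append("not https")
    # Anything before '@' is login info, not the site being visited.
    if parts.username is not None:
        problems.append("text before '@' is not the host")
    # The real site is the expected domain itself or a subdomain of it,
    # so the expected name must be at the END of the host.
    if not (host == expected or host.endswith("." + expected)):
        problems.append(f"host {host!r} is not {expected}")
    return problems

# Constructed sample links of the kinds described above.
SAMPLES = [
    "https://www.amazon.com/gp/css/order-history",
    "http://www.amazon.com/",
    "https://amazon.com.order-check.example/track",
    "https://amazon.com@secure-login.example/",
    "https://amazon-orders.example/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", check_link(link) or "ok")
```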
Adrianus also explained that gift card scams are prevalent because such cards are popular presents. Don’t fall for offers for gift card vouchers. Always be suspicious of messages encouraging you to respond quickly, and always speak to loved ones and friends on the phone before making transactions you believe they have asked for.
Beware of text messages or emails giving an order number and a link to track a package. Once clicked, a hacker may follow up by asking for a small payment to speed up delivery or claim there is an extra fee to pay.
Always check through your Amazon account to see if the stated order number on the original message is genuine. That said, even if it is, don’t engage with a text or email. Go to Amazon.com to confirm the package information. You might even get unsolicited packages. These are called “brushing” scams and are used to inflate review scores on the e-commerce site. Follow Amazon’s advice here if something like that arrives.
Adrianus’ final advice is that things that look too good to be true often are. Amazon has not run a prize drawing for several years, so if you get a notice that says you’ve won such a prize from Amazon, it’s undoubtedly a scam.
The bottom line
Remember, the bottom line is your bottom line. It’s worth it to take the extra care to check your accounts and do your due diligence. Sure, the charge we faced was under $200, but who’s to say that if that charge was allowed to go through, we wouldn’t be facing repeating charges or much bigger charges?
Our due diligence prevented something that could have gotten very bad, which we might have caught far too late.
In the immortal words of Sgt. Phil Esterhaus, “Let’s be careful out there.”
Have you checked your accounts? Have you experienced Prime Day-related fraud? What techniques do you use to keep safe? What’s your sitrep when it comes to financial security? Let us know in the comments below.
You can follow my day-to-day project updates on social media. Be sure to follow me on Twitter at @DavidGewirtz, on Facebook at Facebook.com/DavidGewirtz, on Instagram at Instagram.com/DavidGewirtz, and on YouTube at YouTube.com/DavidGewirtzTV.