Posted 8 January 2024

Amazon scam

Just received a call from a spam number claiming to be Amazon.(I knew it wasn't but played along). Was told about a purchase of an I phone on my account and if it was me and who placed order and if I wanted to keep it. (Said no to both).What I dont get is in order for him to remove order from my account he said he'd send me a OTP via text which came up as a text from AMAZON and this was in a thread of previous messages from the real Amazon which I had from previous orders.
Question is how did they manage that?

New Comment

17 Comments

sorted by

8th Jan
There’s two possibilities:
1) They were using their own text service to gain your confidence and just set AMAZON as the contact ID for their texts. It’s quite easy to spoof this. Then once you trust them they can go on to do more damage later.
2) They put your details into the Amazon website to say you forgot your password and Amazon themselves sent you a genuine OTP which you give to them so they can access your account and take control of it to buy things using your saved card details.
8th Jan
Definitely the second option.
8th Jan
Password reset will trigger an OTP - most likely with a warning to never share with anyone else.
8th Jan
OMG - answering the call is how they verify your details!
They have just confirmed your phone number is associated with your Amazon account.
Author
8th Jan
Cheers, will change passwords as a precaution. I told him it states not to share the otp only to be told it's ok you can tell it to me as I work for amazon and I'm here to help you. Lol. (Gave him a mouthful and hung up).
8th Jan
Either your email or your Amazon account password is compromised and they need the 2FA to properly get into your amazon account.

Also, don't respond to calls from unknown or flagged numbers. If it's important, they'll leave you a message. You're now unfortunately going to appear on a lot of lists as someone receptive to scam attempts.
8th Jan
I think this scenario was one of the ones highlighted on the BBC programme Scam Interceptors
Have a look at their website and they have episodes on I Player too if you have access to that
8th Jan
Dangerous. Good on you for sharing about it on here
8th Jan
It's "only" a phishing attempt.... They spoof Amazon's phone number and send millions of texts or phone calls to random numbers in the hope the user will panic and reveal info.
They texted you because you answered the phone.
Report the incident to Amazon and forget about it - unfortunately it's daily life now.
8th Jan
Yup, used to be foreign scammers, now, they are all here...
8th Jan
Change your email address password as well
8th Jan
He’s hacking your account, must have your password. Change it.
8th Jan
Pretty sure I get texts or even emails with OTP codes from Amazon when ever I sign into a new device using my account details. Sounds like someone has your Amazon password and wants to hijack your account, they need the OTP code to access your account. I would change all passwords ASAP.
Author
8th Jan
Have changed password and signed out all devices as a precaution.
8th Jan
I literally just had a scam Whatsapp "petition" where you get loads of random folks added to a group.

The usual, Hi I have just signed up for this petition about "xyz" I hope you do the same. "Insert dubious link"

I couldn't believe the amount of folks who fell for it and said done mate etc.. I dread to think what details they have filled in on some form somewhere
8th Jan
wouldn't all the "done mate" comments just be part of the scam to make you feel like its "safe"?
10th Jan
This is the same scam on Scam Interceptors... Once you give you code they can get in your account and add the item.
The OTP code is probably a password reset code they generate