A number of Amazon sellers have been targeted by hackers who stole sales revenue and loans from their accounts.
In a British legal document only recently made public, Amazon said the crimes took place between May and October 2018 and affected around 100 sellers on the online shopping site. Bloomberg, which has seen the document, said the ecommerce giant described the fraud as “extensive.”
Amazon is yet to publicly acknowledge the breach but its investigation into the incident has reportedly been completed.
It’s believed that the cybercriminals were able to change the details of accounts on the Seller Central platform, enabling funds to be channeled away from the targeted sellers and into their own accounts. It’s not clear if any arrests have been made in connection with the incident, or how much money was taken in the illegal transfers.
Amazon has been offering loans to select sellers on its platform since 2011 via its Amazon Lending program. The loans, which range from $1,000 to $750,000, are used by sellers to grow their businesses. Amazon’s own data shows that it lent around $1 billion to small- and medium-sized businesses on its platform in 2018, a figure that suggests there could have been some significant amounts of money sloshing around in some of the accounts that were targeted by hackers.
It’s not immediately clear how the fraudulent activity was able to continue for six months and target so many sellers before being detected. We’ve reached out to Amazon for comment and will update if we hear back.
According to Bloomberg’s report, the accounts were probably compromised “by phishing techniques that tricked sellers into giving up confidential login information,” indicating that the sellers themselves may have inadvertently allowed the hackers a way to carry out their fraudulent activities.
Phishing in the digital age usually involves the victim clicking on a link in a phony email or instant message, leading them to a website where they unknowingly hand over to hackers their login details for online banking or some such service.
To find out more about phishing, check out a piece by Digital Trends that highlights some of the common scams operating today.
- Big phish: Report shows PayPal, Bank of America, Apple are top phishing targets
- Facebook’s privacy-focused clear history tool is set to land in 2019
- The best websites like Craigslist (that aren’t)
- Microsoft says hackers were able to view Outlook.com emails
- Don’t be fooled! Study exposes most popular phishing email subject lines