Like a dog seeing a squirrel, I can't help but notice new text appear on my iPhone. The little gray notification grabs my attention and instantly distracts me from the task at hand. Besides, this one seemed important. It was, but only because it helped me identify a very dangerous and pernicious Amazon scam.
With the holiday shopping season in full swing, these scams are on the rise, and most of us make at least some gift purchases through Amazon (the retailer reported sales of over a billion dollars during Black Friday).
It's that holiday mix of shopping frenzy, excitement, and a low-level fear that someone will rip you off that scammers naturally exploit to break into your privacy and personal technology, all for the sole purpose of stealing your identity, data, credit cards, logins and more.
Although I was not a victim of phishing, I deliberately played a scammer so that I could show you exactly how to identify and avoid a similar attack.
Like other alerts I receive from legitimate sources, this one was brief. It said:
«Your card was charged €649 for XGIMI Elfin Mini Projector
Order number #EMPY2219 on 05/DEC/2022
Didn't you order it?
Contact us: +17204813408»
It will happen to you
I'm pretty sure everyone will get a message like this before the holidays are over. Take a good look at this one. It contains grammatical and typographical errors, including a zero instead of an "o" and a missing word. No legitimate company would send you a text like this.
What scammers rely on is the alarm that such a text can trigger. Maybe you are so worried that you don't read it carefully and just call the number. But which number? I noticed that the number in the text and the number shown by caller ID did not match.
To be clear, I decided to call the number to better understand the nature of this scam: for science. My goal here is for you to read a text like that from now on and immediately understand that Amazon, Best Buy, and other online retailers don't work that way.
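The red flags called out above (a callback number that does not match the sender, a digit swapped in for a letter, and alarming "your card was charged" language) are the kind of thing a simple triage filter can score before anyone picks up the phone. The following is an added example, not code from the article or from any carrier or retailer; the sample messages are constructed, and the phone numbers in them are placeholders.

```python
import re

# Constructed sample messages (not the screenshot from the article).
# The first mimics the scam pattern; the second is a plausible legitimate shipping notice.
SAMPLE_MESSAGES = [
    {"sender": "+15551234567",
     "body": ("Your card was charged $649 for XGIMI Elfin Mini Projector\n"
              "Order number #EMPY2219 on 05/DEC/2022\n"
              "Didn't y0u order it?\n"
              "Contact us: +17204813408")},
    {"sender": "262966",
     "body": "Your Amazon order #112-3456 has shipped. Track it in the app."},
]

# A phone-number-shaped run: optional '+', a digit, 8+ digits/separators, a digit.
PHONE_RE = re.compile(r"\+?\d[\d\-\s().]{8,}\d")
# Phrases meant to alarm the reader into calling back.
URGENCY_RE = re.compile(r"(charged|didn'?t you order|suspicious|verify|contact us)", re.I)
# A lowercase word with a look-alike digit (0,1,3,5) sitting between letters: "y0u", "acc0unt".
# Lowercase-only so order ids like "EMPY2219" are not flagged.
DIGIT_FOR_LETTER_RE = re.compile(r"\b[a-z]+[0135][a-z]+\b")


def normalize_number(raw: str) -> str:
    """Strip formatting and keep the last 10 digits so '+1 720...' and '720...' compare equal."""
    digits = re.sub(r"\D", "", raw)
    return digits[-10:]


def scam_indicators(sender: str, body: str) -> dict:
    """Return a dict of boolean red flags for one SMS."""
    callbacks = [normalize_number(m.group()) for m in PHONE_RE.finditer(body)]
    sender_norm = normalize_number(sender)
    return {
        # A legitimate notice rarely asks you to dial a number embedded in the text.
        "callback_number": bool(callbacks),
        # The number you are told to call is not the number the text came from.
        "callback_differs_from_sender": any(n != sender_norm for n in callbacks),
        # Digit-for-letter substitution, a classic filter-evasion typo.
        "digit_for_letter": bool(DIGIT_FOR_LETTER_RE.search(body)),
        # Alarming transaction language designed to short-circuit careful reading.
        "urgency_phrase": bool(URGENCY_RE.search(body)),
    }


def scam_score(sender: str, body: str) -> int:
    """Number of red flags raised; 0 means none of the heuristics fired."""
    return sum(scam_indicators(sender, body).values())


def triage(messages: list) -> list:
    """Score every message; anything with two or more flags deserves a manual look."""
    return [(m["sender"], scam_score(m["sender"], m["body"])) for m in messages]


if __name__ == "__main__":
    for sender, score in triage(SAMPLE_MESSAGES):
        print(f"{sender}: {score} red flag(s)")
```

The score is only a prompt to slow down and check your account directly; a low score does not prove a message is genuine, and the safe response to any such text is the same regardless of what a filter says.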
I decided to call the number embedded in the text, put the phone on speakerphone, and wait, maybe two rings before a representative answered.
It started with "How can I help you?"
"You called me," I said, "about an order."
The representative quickly recovered and asked my name. I hesitated, but realized my name wasn't exactly a trade secret, plus I needed to go along with it long enough to figure out the endgame.
Strangely, he didn't ask me to spell my name, instead asking me for the order number, which I dutifully read from the text.
"Oh, there's an Amazon order from Ohio and you're in New York," he told me as I listened to the faint chatter in the background of dozens of scammers just like him trying to lure other callers.
"Have you been to Ohio?" he asked.
"Did you share your Amazon account with someone in Ohio?" he asked.
"There were several orders from Ohio," he added, sounding almost concerned for me. This guy deserved an Oscar.
(Image credit: Future)
As he was talking to me, I logged into my Amazon account on my desktop. No weird orders, just the things I ordered for my wife's Christmas presents.
"Sorry," I said, trying to sound confused, "but if someone orders from my Amazon account, shouldn't I see those orders in my Amazon account?"
There was a long pause, as if I had taken him off script.
"Yes... but they are all pending," he told me.
Now it was time to get to work. The scammer told me that it was important that I connect to the "Amazon Secure Server" to fix this issue. Throughout the call, he must have said "Amazon secure server" half a dozen times.
"Okay," I said, still trying to look confused, "how can I do this?"
First, he said, he needed to know what kind of device I was on. I told him it was an iPhone.
"Great, I need you to put me on speakerphone and open the App Store," he explained.
I said "Of course," put my phone down, and started taking notes.
"I need you to download this app." Instead of telling me the name, he spelled it out, giving me a word for each letter: 'A' as all, 'N' as Nancy, 'Y' as yes, 'D' as dog, 'E' as all, 'S' as Sam and 'K' as Keep.
My scammer friend wanted me to download AnyDesk, which he said was meant to connect to the Amazon Secure Server, but which I know is remote desktop software. It's the kind of app that lets someone on the other side of the world log in and control your PC or phone to root around and take all your stuff.
As we talked, I searched for “Amazon AnyDesk scam” and quickly came across an article from March 22 detailing exactly this trick.
I decided to slow things down a bit so I could message my scammer friend.
"Wait, I just realized there's another name on the account and I'm worried that if you don't have it, it won't work," I told him with what I think was genuine anxiety in my voice. Where's my Oscar?
Return the favour
The scammer was upset. "No, no, just connect to the secure server. Download the app."
I told him I wanted to make sure he had this.
"Very well. Give it to me."
"Okay, I'll spell it out. Ready?"
"Yes," he said, and I could hear the exasperation in his voice.
"'N' as no, 'O' as above, 'F' as fun, 'U' as below, 'C' as wire, 'K' as king, 'I' as inside, 'N' as Nancy, 'G' as go, 'W' as walk, 'A' as all, and 'Y' as yes."
At first there was no reaction. I spelled it out again, but since he'd misheard some crucial letters, it didn't make sense. We went back and fixed them. Then he repeated it and there was a moment of silence.
"Why do you tell me that?" he asked plaintively.
"Because it's a scam and you're a thief."
He did not argue.
"Yes, yes," he said quickly, then hung up.
If you ever see a text like this, your first stop is to log into your own account via a trusted PC or phone and check for unexpected charges. If you see any, contact the retailer or site directly, using a number or address you already know to be genuine. Never reply to any of these text messages and never install software, no matter what the person on the other end of the line tells you.
You can further protect yourself with some of the best security software of 2022.