Baffled by bogus charges on your Amazon account? It may be the work of a crook's phantom gadget

Register readers confirm unseen hardware took bank cards on a joyride


Last week, we spoke to an Amazon customer who was for months plagued by unauthorized purchases from their account. It appeared a fraudster's smart TV had been quietly linked to the victim's profile – a gizmo that was not visible in the usual account settings and could not be removed even by Amazon's own support team.

Yet the phantom telly could still place orders using the customer's bank cards even after the account password was changed and multi-factor authentication enabled.

If you thought that was a one-off, a weird technical glitch that led to one isolated case, you would be forgiven. Thanks to Register readers, though, we now know that is not the case. Criminals attaching invisible devices to people's Amazon accounts to go on unauthorized spending sprees with their victims' payment cards seems to be a fairly widespread problem.

The scam works like this: a crook somehow manages to get an Android device added to a mark's Amazon account, and it doesn't show up in the usual list of linked gadgets. This device is now authorized to quietly buy stuff online using the account's payment methods, and it's not obvious to either the customer or customer support what's going on.

Reg reader Jon d'Shade says he experienced much the same thing earlier this year, even though he had been careful with his account security.

"Several months back, I went through the same thing," he told us over the weekend. "A mysterious hack of my account with orders for several XBox 360 gift cards totaling $500.00.

"Now I've been involved in all aspects of IT since 1970, at all levels up to CIO. I don't reuse passwords on any site worth a damn (PasswordSafe since Bruce Schneier introduced it way back when), all long and all gibberous, and keep a close eye on HaveIBeenPwned.com."

d'Shade told us he was able to get Amazon to reverse the charges, and has changed all associated passwords. At first, he couldn't see any unexpected devices linked to his account in the main settings – but then he found two smart TVs, made by Samsung and Vizio, in an Amazon Prime page listing supposedly authorized devices.

"I checked my devices list. It reflects my two Fire tablets and my Firestick. It does not reflect the two smart TVs, one Samsung, the other Vizio," he said.

Other readers have noticed their Android devices fail to appear in the main account settings despite being otherwise logged into their accounts, presumably because these gizmos are non-Amazon gadgets and/or because they are hidden away in Amazon Prime settings.

"Hmm, just looked on my Amazon account. My LG TV isn't shown," noted one netizen. "Now I only use it for Prime viewing but it does offer to pay for films etc. so I'd expect it to be there. Worrying."

Reader Brian Adgey has had to deal with his mother's account suffering from mysterious charges via an unknown device.

"Just to give you some background, her account was hacked previously when somebody compromised her email account," Adgey told us.

"She did not have two-factor authentication enabled at the time, so this was the first thing we did on her Amazon account on that occasion, the theory being that if somebody compromised her email or guessed her password, they would hit the 2FA, and she would get a text with the code. On this occasion she didn’t get a text, but they did manage to make the purchase. Amazon appears clueless as to how it happened, and we both have been left very worried."

Amazon has yet to get back to The Register on repeated requests for comment, though our original tipster, Reddit user fidelisoris, told us they have heard from Amazon that there is an investigation underway.

In the meantime, some Reg comment posters have noted that those with Amazon Prime can see some of their non-Amazon devices showing up via the Prime Devices screen. This could be one way to check what non-Amazon devices are connected to your account. ®

Biting the hand that feeds IT © 1998–2022