[BreachExchange] Hackers steal Amazon sellers’ funds in “extensive” attack

Destry Winant destry at riskbasedsecurity.com
Thu May 9 22:55:12 EDT 2019


https://www.hackread.com/hackers-steal-amazon-sellers-funds-in-extensive-attack/

The American e-commerce and technology giant Amazon.com, Inc. has
announced that it was hit by a fraud attack in which unknown hackers
targeted over 100 sellers stealing their earnings they made through
sales or loans.

The attack, according to Bloomberg, took place between May 2018 and
October 2018 with sellers having accounts at Barclays and Prepay
Technologies after their details were changed and cash fraudulently
transferred to accounts owned by hackers.

Although it is unclear how much money was stolen Amazon believes the
attack was a result of a phishing scam tricking sellers into handing
over their login and financial information to the hackers.

Amazon believes that it was an “extensive” and “serious” attack. The
company’s lawyers are seeking permission to check bank accounts at
Barclays and Prepay in a bid to track down the transaction and
fraudsters behind the attack, said Bloomberg citing legal documents.

It was not so long ago when Amazon suffered a major data breach in
which names and email addresses of its registered customers were
exposed on its website – The incident occurred a few days before Black
Friday last year.

It is worth mentioning that phishing attacks are surging and most
common victims are unsuspected online users. Just yesterday, the
world’s largest Bitcoin cryptocurrency exchange Binance announced that
hackers stole roughly 7,000 bitcoin (worth over $40 million) from its
hot wallet after using malicious techniques including phishing.

Therefore, if you are an Amazon.com user, make sure never to share
your banking or login credentials with anyone. Also, do not fall for
phishing scam asking for email and password in plain sight. If you
wish to protect yourself from phishing scam follow these 5 tips – You
can also use these 5 tips to keep fraudsters at bay. Stay safe online.


More information about the BreachExchange mailing list