Amazon seller was badly cheated and lost 400,000 overnight!

No matter what industry you are in, it seems difficult to escape scams , especially with the rapid development of the Internet. The scammers' methods of fraud are becoming more and more high-tech, making it difficult for people to escape their "trap."

For many cross-border sellers, the most hated " fraud method " is phishing emails!

The seller received a phishing email and his store was stolen, resulting in heavy losses!

Recently, many sellers have reported that they have received "phishing emails" sent by criminals impersonating Amazon officials.

It is understood that the email address used by the scammers is highly similar to Amazon's official address , and the content of the email also completely imitates Amazon's style. The specific content is to require sellers to update the emergency contact settings as soon as possible.

If the seller is observant, he will find that there is a loophole in the email, that is, it shows that it was sent by a certain email address.

However, after seeing the official Amazon logo in the email, many sellers relaxed their vigilance, thinking it was an official Amazon email, and did not discover the "drop shipping" loophole.

After the seller replied to the email according to the instructions, he immediately received an automatic email from the other party. The email contained a verification button. Many sellers fell into the scammers' trap and clicked the verification button according to the instructions, and then entered the email address, password and secondary verification code according to the page prompts.

After the seller enters the above information, the page directly shows that the verification is passed.

Then I immediately received a "store remote login notification" from the official Amazon .

When the seller received this notification, he realized that his store had been logged in by someone else in a different location and his store had been stolen!

One seller said that his store suffered heavy losses after being robbed, losing 400,000 overnight. What’s even more outrageous is that another seller had more than 10,000 copycats listed…

In fact, if we carefully review the "phishing email", we will find that in addition to the vulnerability of sending emails to a certain mailbox, there are 2 other vulnerabilities.

The first is that the email requires sellers to reply directly to the email to update the emergency contact settings. Sellers in the industry know that Amazon officials generally do not require direct replies to emails.

Another loophole is that when the seller clicks the yellow button to verify, the system prompts the seller to enter the email address and password. Generally speaking, the formal Amazon verification does not require the seller's email address and password to be entered. Basically, they are entered by default and the system will save them before.

In addition, please note that if there are obvious spelling or grammatical errors in the email received by the seller , the email can be 100% determined to be a "phishing email."

If the email requires the seller to enter an account password, fill in bank account information, credit card number and other information, be sure to be vigilant and you can report it directly to Amazon.

On the other hand, if the email asks the seller to install any software or program on the phone or computer , it is also a scam.

How can sellers counter phishing emails ?

The scammers’ method of operation is very simple. They usually use the store to break the seller’s psychological defenses to achieve the purpose of fraud . This time, the seller received an email asking the seller to update the emergency contact settings. Seeing this, many sellers will unconsciously click on the link, so that the scammers can "reap the benefits".

If the seller does not receive any notification on the seller center page and is asked to operate directly in the email , it is best to be vigilant and then verify through multiple channels whether it is an untrustworthy email.

In addition, generally speaking, Amazon's emails are sent to the seller's registered email address. You should also pay attention to emails that are sent to the service email address set up in the background instead of the registered email address .

A very crucial point is that the seller must carefully identify the email address. If it is different from the official address, you can simply ignore it. If you are unsure, you can confirm with customer service.

The seller can open a case first, and then send the email address and the main information of the email to the customer service to confirm whether it is an official email.

Previously, Amazon officials said that if sellers receive suspected fraudulent emails, they must be careful to identify the email suffix. Emails sent by Amazon officials always have ( @amazon.com) or the email addresses listed below.

After determining that a suspicious email involves violations or fraud , sellers should collect evidence and submit it to Amazon staff.

If the seller accidentally clicks on a phishing link, he or she should change the account and password immediately and contact Amazon to file a complaint and record it.  

Phishing email schemes are emerging in an endless stream, and many sellers have suffered greatly!

When these criminals use phishing emails to commit fraud, they often use a variety of tricks to induce sellers to take action.

① The first is the most common routine, pretending to be an Amazon official, requiring sellers to operate in the email and enter the relevant account and password.

② Pretend to be a buyer to make a product inquiry, and then ask the seller to click on the link in the inquiry to view the product details. Once the seller clicks the link, he will fall into the trap of the criminals.

③ Disguise as an official SNS platform to send a ban notification to the seller, and then induce the seller to click on the link.

④ The server disguised as an email address sends the seller a message indicating that the email address is not secure, and asks the seller to click on a link.

⑤ They will pretend to have seen similar products from the seller on other suppliers’ websites , and then provide a link, asking the seller to enter their email account and password to view the sample.

⑥ The email will prompt the seller that the payment has been made and ask the seller to download the attachment to view the payment receipt. However, when the seller clicks to download the attachment, he will find a URL. After opening the URL, he will be prompted to enter his email account and password.

Phishing emails are rampant, and criminals use the above methods to send virus-infected links and attachments to sellers , or trick sellers into filling in their account numbers and passwords .

Steve , a seller in Hangzhou, once encountered a series of phishing email scams and almost lost 6.5 million !

At that time, he received an inquiry email. After communication, the other party sent a file with purchase information and induced Steve to enter his email address and password .

Not long after, another old customer of Steve placed an order and planned to transfer 6.5 million yuan of payment to Steve's account in a week.

However, Steve has not received the payment for the goods, but the customer said that the payment has been made and also provided chat records and payment information .

Steve then realized that he had been deceived by a phishing email, and he immediately called the police. After investigation, the police found that the criminals induced Steve to enter his email address and password , and then used technical means to tamper with the recipient information and payment account in the emails Steve sent to foreign customers , causing the customers to directly deposit 6.5 million yuan of payment into the criminals' accounts.

Fortunately, the police helped Steve recover all the payment for the goods by filing a timely complaint to stop payment and freeze the account .

In short, sellers must be vigilant in their daily operations to avoid being deceived!

Phishing Emails

Scams