• Home
  • News
  • Reviews
  • Software
  • Apps
  • About
    • Contact
    • Privacy Policy
Search
Sign in
Welcome! Log into your account
Forgot your password? Get help
Password recovery
Recover your password
A password will be e-mailed to you.
Myce.wiki
  • Home
  • News
  • Reviews
  • Software
  • Apps
  • About
    • Contact
    • Privacy Policy
News

Cybersecurity Researchers Reveal Amazon Fake Reviews Scam

By
Maricar Sze
-
October 11, 2022

An unsecured database was found by cybersecurity researchers that reveals a scam in which Amazon consumers submit fake reviews in return for free items from Amazon vendors.

The unencrypted ElasticSearch server was discovered by cybersecurity specialists with an antivirus review site, the Safety Detectives. According to Safety Detectives, over 13 million or 7 GB of information were stored in the server.

The researchers noted, “The server contained a treasure trove of direct messages between Amazon vendors and customers… potentially implicating more than 200,000 people in unethical activities.”

Amazon Fake Reviews Scam Revealed.jpeg

“While it is unclear who owns the database, the breach demonstrates the inner workings of a prevalent issue affecting the online retail industry.”

Vendors on Amazon submit lists of items they want a five-star rating to reviewers. The reviewers then purchase the products and give them a five-star rating on Amazon.

Afterward, the reviewer replies to the vendor with their Amazon profile link and PayPal account details. The reviewer gets refunded and given the reviewed product as payment, as well as an additional cash bonus in some cases.

The researchers said, “The refund for any purchased goods is actioned through PayPal and not directly through Amazon’s platform. This makes the five-star review look legitimate, so as not to arouse suspicion from Amazon moderators.”

Vendors’ email addresses, as well as Telegram and WhatsApp contact details, were included in the database.

Also, there are more than 75,000 links to accounts on Amazon accounts, email addresses of PayPal accounts, and other email addresses. Even fan names suspected to be usernames but may include names and surnames were among the messages connected to reviewers.

Vendors were also given email addresses to reach reviewers, including 232,664 Google email addresses, but this number contains duplicates. The researchers believe that between 200,000 and 250,000 users were affected in total, including Amazon vendors whose contact information was hacked.

The server was located in China but the leak seems to have largely impacted Europe and the US, though the data may likely extend to every country worldwide. The owner of the server is unidentified, so it is expected that once they are found, they will face consumer privacy laws.

Besides, the vendors who pay for false reviews risk being sanctioned by Amazon for violating its terms of service. Depending on their location and whether or not law enforcement or authorities are involved in prosecuting product reviewers, reviewers can also receive a fine.

Maricar Sze

RELATED ARTICLESMORE FROM AUTHOR

Nintendo Switch Announces New Firmware Update
News

Nintendo Switch Announces New Firmware Update Version 12.1.0

Forward Air Discloses Ransomware Data Breach
News

Forward Air Discloses Ransomware Data Breach Months After Incident

Fetch Robotics Joins Zebra Technologies
News

Fetch Robotics Joins Zebra Technologies in Acquisition Deal

Accenture Suffers Ransomware Attack
News

Accenture Suffers Ransomware Attack, Hackers Threaten Leak

Revere Health Victim To A Phishing Attack
News

Revere Health Falls Victim To A Phishing Attack

UK to Double Down on AI Strategy
News

UK to Double Down on AI Strategy in the Next 10 Years

Coursera Offers New Fee System
News

Coursera Offers New Fee System To Scale Online Degree Programs

Caspar.AI for Retirement Communities
News

Caspar.AI Develops AI for Retirement Communities

Mercedes-Benz Reports Data Breach
News

Mercedes-Benz Reports Data Breach Impacting 1,000 Customers

iSIGN Media Exclusive Technology Platform
News

iSIGN Media Selected as Exclusive Technology Platform

Motional Unveils Hyundai Ioniq
News

Motional Unveils Hyundai Ioniq 5 Robocar

Computer Systems Data Breach by Cozy Bear
News

RNC Denies Computer Systems Data Breach by Cozy Bear

RECENT NEWS

Best App to Download Audio and Video From YouTube for Free

Apps Brady C. - January 25, 2023

App To Track Weight Lifting Progress

Other Brady C. - January 25, 2023

Best Finance Apps to Track Your Bills

Other Brady C. - January 25, 2023

The latest news surrounding digital storage products, cloud, data security, technology, fintech, games.

Myce B.V.
Cruquiuskade 251, 1018 AM Amsterdam, Netherlands.

Contact us: contact@myce.wiki

MORE RECENT NEWS

UK to Double Down on AI Strategy

UK to Double Down on AI Strategy in the Next 10...

News December 10, 2022
Coursera Offers New Fee System

Coursera Offers New Fee System To Scale Online Degree Programs

News December 10, 2022
Caspar.AI for Retirement Communities

Caspar.AI Develops AI for Retirement Communities

News December 7, 2022

POPULAR CATEGORY

  • News24940
  • Other16039
  • Piracy1016
  • Software815
  • Reviews581
  • Movies522
  • Music275
  • Privacy Policy
  • Terms and Conditions
  • Cookie Policy
  • About
  • Contact
© Copyright 2023 Myce B.V. – All rights reserved.