Amazon SES Token Stolen From Kaspersky Used in Phishing Campaign Targeting Office 365 Users
Last updated November 2, 2021
Amazon clearly has to reconsider their Kindle store content reporting policy, as the problems with fake ebooks have gotten out of hand, and people have to go through a tedious process in order to report them all. The latest example comes from Malwarebytes researchers who found entries of the upcoming John Wick 3 movie in Kindle, featuring luring titles and 'play-button' previews. The entries evidently imply that you’ll be getting links leading to a legitimate (or not) server that offers the promised content for those who paid for the ebook.
So, Malwarebytes researchers paid for some of these ebooks to see where each path goes, with some items being given for free while the price of the others ranged from a dollar to roughly $20! The ebooks were basic in form and contained text to provide a description of the movie as well as a link that supposedly points the buyer to the promised media. If clicked, the link takes you to an endless re-forwarding ride that makes you forget where you started from, and always ending up to some form of a new user registration page of a supposed media delivery platform. No matter what you paid for the ebook, this final step is the same, asking for a membership fee to that media platform.
The cost of the membership is meager ($1-$2/month), as the actual goal is not to get more money from you but to steal your credit card payment information. The cost of the ebooks was merely a fake legitimacy creation trick, while the membership cost is just a phishing setting. All in all, you won’t be getting John Wick 3, and neither any other movie whatsoever, as Malwarebytes researchers found no clearly defined Privacy Policy or user agreement context in these websites.
Unfortunately, and as we highlighted in the introduction, Amazon is not quick to react to these cases (the titles found by Malwarebytes are still available in the Kindle store), and the reporting system is not making it any easier to remove bogus ebooks. As others have reported in the past, some of these fake books even reach top-20 in some categories, so the number of people who are tricked into buying them is possibly a quite large one. In the field of movies, you should not be fooled by any book previews, empty promises, or even a deceiving high price that insinuates legitimacy.
Update: One of the Amazon representatives reached out to us pointing that the eBooks have been removed and no longer available for sale on the store.
Have you ever purchased a 'movie-ebook' from Kindle? Let us know how that ended up in the comments section below, and don’t forget to like and subscribe to our socials on Facebook and Twitter, for more news stories like this one.