Amazon Confirms MOVEit-Related Data Breach Exposed Employee Information
Published on November 12, 2024
Published on November 12, 2024
Amazon India Suspected of Data Breach Due to Duplicate Charges and Fake Products Delivery
Published on August 12, 2024
- An Amazon client in India suggested the customers’ data could be compromised.
- The allegations are backed by evidence such as inaccurate bills for some orders and double charges for others.
- Besides, one order contained a different product than ordered, which was also counterfeit.
Multinational technology company Amazon announced that it is investigating claims made by a customer in India who received duplicate orders and fake products and suggested the company might be subject to a data breach, according to a report by Cyber Express.Â
The Amazon customer said they placed two orders in one day. These were paid via different methods (online and through Cash on Delivery), but the bills looked identical. One of the orders had a duplicate charge for the same item.
However, the other order contained the wrong item, delivering speakers instead of a tablet. The client thinks the received speakers are a counterfeit product.
For now, Amazon’s response is only that an inquiry into the matter is ongoing.
The data breach allegations are not very far-fetched, as a phishing campaign masqueraded as an Amazon email asking for security verification earlier this month, stealing users’ details via a malicious domain that requested sensitive personal data, including banking details. The attackers used Google Drawings and shortened links generated via WhatsApp to evade detection.
Hackers can also intercept one-time passwords (OTPs) that victims receive via text message, voice call, email, instant message, or mobile app push notifications via complex hacks with multiple stages, including phishing and OTP bots typically managed via a special browser-based panel or a Telegram bot.
Users should stay alert, as a recent exploit of Proofpoint’s email protection service allowed threat actors to send millions of spoofed phishing emails, perfectly impersonating Proofpoint customers. This company works with brands like Disney, IBM, Coca-Cola, Nike, Best Buy, and more.
