An unknown hacker collective has been able to overcome the security defenses of Amazon by launching a successful fraud campaign. As a result funds were siphoned from merchant accounts. The ongoing investigation reveals that this is a high-impact crime as it was active for a very long period of time — over six months in 2018.
Amazon Was The Victim of Fraud, Merchant Accounts Funds Siphoned By Hackers
Amazon is the latest high-profile company to have been the victim of a serious and high-damaging cyber attack. They revealed to the public that they have been the victim of extensive fraud from an unknown criminal collective. So far it is believed that the company was able to penetrate the system and funnel cash from loans and sales that are owned by merchant accounts, about 100 are affected. The duration of the intrusion and the financial abuse is believed to have taken place between May 2018 and October 2018. What is known at the moment is that the criminals were able to change account details which has redirected the profit to their own bank accounts and not to the sellers. It is believed that the source of the attacks is a large-scale phishing campaign which was aimed against the merchant account owners. The hackers have probably devised email messages that appear as being sent by Amazon themselves. By falling victim to them the merchants have disclosed the personal information and account credentials needed to execute the malware actions.
According to cyber experts this was made possible due to the fact that a large part of the operations are automated by design and they required minimal user input. The ongoing investigation is due to review the financial statements of suspect account holders. Amazon has announced that it has issued more than $1 billion in loans to merchants in 2018. To this date there is no information available about amount of money that the users hackers have stolen. We anticipate that as the investigation continues more details will be disclosed to the public.