Amazon's Customer Protection and Enforcement team has taken legal action against an underground store refund scheme that has resulted in the theft of millions of dollars worth of products from Amazon's online platforms.
This lawsuit targets 20 members of an international fraudulent organization known as REKK, as well as seven former Amazon employees who acted as malicious insiders, according to the complaint.
Operating as an Organized Retail Crime gang across online forums and social media, this fraud service provider provides illicit refunds for individuals in exchange for a fee.
Individuals seeking free items, like iPads or MacBooks, purchase an item and then pay REKK a fee, usually a percentage of the product's cost, to secure a deceptive refund.
The 'customers' placed an order through Amazon's online retail platform and then provided the order details to the fraudulent refund service.
REKK then requested a refund, manipulating Amazon's support representatives through social engineering tactics, unauthorized access to Amazon systems, and bribing insiders to secure a refund without returning the purchased product.
After a successful refund, the 'customers' gave REKK their cut.
As a refund fraud gang, REKK stands among the larger entities in an underground industry offering fraudulent refund services.
In November 2019, REKK claimed on Nulled to have fraudulently refunded over 100,000 orders across various retailers to more than 30,000 customers worldwide, not solely limited to Amazon.
They promote their services and engage with refund-seeking individuals on platforms like Nulled, Reddit, and Discord.
The Refund-as-a-Service operation commonly shares screenshots of illicit Amazon refunds to their Telegram channel as proof that their service works.
Last year alone, Amazon says it spent at least $1.2 billion employing investigators tasked with scrutinizing activities manually to deter fraudulent practices and a workforce exceeding 15,000 individuals to combat theft, fraud, and abuse across its retail platforms.
Upon detecting fraudulent activity, the company says it takes several measures to stop it, including alerting customers, terminating accounts, and blocking individuals involved in refund fraud from creating new accounts.
SpyLoan Android malware on Google Play downloaded 12 million times.
India targets Microsoft, Amazon tech support scammers in nationwide crackdown.
Amazon adds passkey support as new passwordless login option.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Fri, 08 Dec 2023 16:50:12 +0000