Refunds due to as many as 1,500 Amazon customers have been siphoned off by hackers, according to a legal complaint filed by the e-commerce giant. The incident came to light after the legal cell of Amazon filed a complaint in Lucknow yesterday. Based on the complaint, an FIR was lodged against unknown hackers at Vibhuti Khand police station. Notably, many customers had initially complained that refunds were not being credited to their bank accounts. Inorder to get to the bottom of the issue, Amazon conducted an internal audit and it was discovered that refunds from around 1,500 customers had been diverted by hackers into their own accounts.
The cyber cell of Lucknow Police is now looking into the matter. Te company had an audit after it received multiple complaints on a regular basis almost every week from the month of June, according to media reports. Further, the audit revealed that the incident was happening with those customers who used ‘Cash on Delivery’ option. How was the fraud actually carried out?
Interestingly, the customers who had chosen the ‘Cash on Delivery’ option wanted to return their purchase, and sought a refund. In order to credit the refund to their accounts, they were asked by Amazon to furnish their bank account details. The hackers managed to get hold of the phone number of these customers and pretended to be Amazon employees, and asked them for the OTP (One-Time-Password) to get their refund.
On receiving the OTP, the hackers would add their own accounts, details so that the refund would get credited to their account instead of the customers. Interestingly, while Amazon had paid out the refund, it got credited to the hackers’ accounts.