We’ve been covering scam sellers issue for a while now, but lately we noticed a new trend. Instead of opening new accounts, which Amazon has been more proactive about shutting down lately, fraudsters are hijacking dormant seller accounts. Most likely by hacking them.
We noticed this almost accidentally when we looked at when a seller had their first review. Some of these scam sellers have been stagnant for as much as 10 years. As you can see in the screenshot below, the seller didn’t have any activity since 2008, but then came back this year with a string of negative reviews.
We are making an obvious conclusion that these sellers have been hacked, and it is now someone else using their account. Out of scam sellers on Amazon.com in the last 30 days, 20 percent are from accounts opened more than a year ago. So this is not a random occurrence, but a continuing trend.
In this case though, this hurts sellers too, not just upsets customers.
The way we understand it, a scam seller changes the deposit bank account number to their own, and after the first deposit is made they disappear. But when customers start complaining and Amazon automatically refunds their payments, it’s the original account owner’s credit card which gets charged. So not only are these fraudsters benefiting themselves, they are also creating problems for the original owners who then have to fight with Amazon to get the charge reversed.
A few sellers we talked to have been charged thousands of dollars because of this. We’ve seen charges north of $10,000.
In case you are wondering how a credit card is still valid for a seller account opened in 2008 - Amazon accounts are shared between selling and placing orders on Amazon.com. So even though these sellers haven’t logged in to their seller account in a very long time, they’ve been placing orders on Amazon.com as customers. And that’s the credit card Amazon used to settle the seller charges.
All of these sellers are obviously no longer checking their selling accounts, and are likely ignoring Amazon emails too. So they only notice this when their credit card gets charged, by which point it might take weeks to get this sorted out.
It’s unclear how fraudsters are gaining access, but sellers should take precaution. Amazon Two-Step Verification is an absolute must to enable. Furthermore, if selling on Amazon was just an experiment they should close the account instead of leaving it dormant. Using the same login/password for selling and for personal orders on Amazon is also not advised. Ideally the seller email shouldn’t be used for anything else, not even for email communications to avoid various phishing attacks.
We had this behavior confirmed by multiple sellers, and we’ve seen multiple more occasions elsewhere. As aggressiveness of fraud expands, sellers should educate themselves and their staff on staying safe online.
This is quite a messy situation, because while previously best advice for customers was “Do not buy from Just Launched sellers”, it’s not as trivial now. It’s unrealistic to expect buyers to check seller feedbacks and see when it was last received, so it’s up to Amazon to fix this issue. We expect Amazon to be able to address this soon - dormant accounts should be subject to the same rules as new accounts.