Search Information Security site

 

Main menu

Someone placed an order for an iPhone on your Amazon account. What should you do next?

What are phone call scams?

Most Americans are familiar with the classic phone call scam. Nefarious persons obtain access to thousands of phone numbers (or choose an area code and try different combinations of the other seven numbers until they get lucky and find a real number). When they reach you, or your voicemail, they lay out a scenario in which you must take urgent action to prevent dire consequences from unfolding. Usually that action involves divulging sensitive information, often financial in nature. 

Because most people have received these calls countless times, we’ve learned to recognize the typical tropes and avoid falling prey to phone scams. However, bad guys are always developing improved schemes to get information from you. Therefore, it’s important to stay up to date with the phone scams happening  in your area at any given time. The most recent example is the false order scam from “Amazon” and “Apple.” 

The Amazon/Apple False Order Phone Scam

In this scam, if you pick up the phone you’ll find someone impersonating an Amazon customer support agent on the other end of the line. They’ll claim that an order for a $1200 iPhone 12 or another expensive product has been placed on your account. If you haven’t ordered an expensive product on Amazon recently, you’ll reasonably be alarmed by this news. The bad guys rely on your sense of fear and urgency to extract sensitive information from you over the phone. 

The phone scammers may also ask you to visit a website, or gain your trust by conversing casually with you. Do not answer any of their questions, do not go to any website they ask you to visit, and do not, under any circumstances, provide them with remote access to your computer. This will allow them to control your device and extract any information they please.

What makes phone scams effective?

Phone scammers may employ a variety of tricks to make their invented scenario sound more realistic. For example, they may use your social media to determine where you were on vacation recently, and say that the false order originated from that location. They may also pair the phone scam with fake emails that appear to come from a legitimate company like Amazon, but are actually doctored to convince you that your account has been hacked and to hand over passwords or other sensitive information. 

When you receive emails encouraging you to take rapid and urgent action, or if the claims the email is making seem unrealistic or off in any way, the safest course of action is to call the customer service desk for the company that supposedly sent the email, and confirm that they actually did send it. You can also look at other emails from that company you’ve received in the past. If the suspicious email appears different in any way, then it’s probably a hoax. 

Phone scams may be an old trick, but they’re still common because they work. Always be suspicious of unsolicited calls, and err on the side of caution. The safest course of action is always to call the company at the number posted on their website. If you are being encouraged to act urgently and rapidly, or being asked to provide access to your device or to private information, hang up the phone immediately. 

What else can you do?

Inform your friends and family of the recent false order scam, and encourage the people around you to be diligent at all times. As long as you stay “dialed in” and focused, you’ll avoid falling prey to phone scams. 

 

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security office will evaluate the report and provide a full investigation if appropriate.

Complete Report Form