20
Feb 18

Money Laundering Via Author Impersonation on Amazon?

Patrick Reames had no idea why Amazon.com sent him a 1099 form saying he’d made almost $24,000 selling books via Createspace, the company’s on-demand publishing arm. That is, until he searched the site for his name and discovered someone has been using it to peddle a $555 book that’s full of nothing but gibberish.

The phony $555 book sold more than 60 times on Amazon using Patrick Reames’ name and Social Security number.

Reames is a credited author on Amazon by way of several commodity industry books, although none of them made anywhere near the amount Amazon is reporting to the Internal Revenue Service. Nor does he have a personal account with Createspace.

But that didn’t stop someone from publishing a “novel” under his name. That word is in quotations because the publication appears to be little more than computer-generated text, almost like the gibberish one might find in a spam email.

“Based on what I could see from the ‘sneak peak’ function, the book was nothing more than a computer generated ‘story’ with no structure, chapters or paragraphs — only lines of text with a carriage return after each sentence,” Reames said in an interview with KrebsOnSecurity.

The impersonator priced the book at $555 and it was posted to multiple Amazon sites in different countries. The book — which as been removed from most Amazon country pages as of a few days ago — is titled “Lower Days Ahead,” and was published on Oct 7, 2017.

Reames said he suspects someone has been buying the book using stolen credit and/or debit cards, and pocketing the 60 percent that Amazon gives to authors. At $555 a pop, it would only take approximately 70 sales over three months to rack up the earnings that Amazon said he made.

“This book is very unlikely to ever sell on its own, much less sell enough copies in 12 weeks to generate that level of revenue,” Reames said. “As such, I assume it was used for money laundering, in addition to tax fraud/evasion by using my Social Security number. Amazon refuses to issue a corrected 1099 or provide me with any information I can use to determine where or how they were remitting the royalties.”

Reames said the books he has sold on Amazon under his name were done through his publisher, not directly via a personal account (the royalties for those books accrue to his former employer) so he’d never given Amazon his Social Security number. But the fraudster evidently had, and that was apparently enough to convince Amazon that the imposter was him.

Reames said after learning of the impersonation, he got curious enough to start looking for other examples of author oddities on Amazon’s Createspace platform.

“I have reviewed numerous Createspace titles and its clear to me that there may be hundreds if not thousands of similar fraudulent books on their site,” Reames said. “These books contain no real content, only dozens of pages of gibberish or computer generated text.”

For example, searching Amazon for the name Vyacheslav Grzhibovskiy turns up dozens of Kindle “books” that appear to be similar gibberish works — most of which have the words “quadrillion,” “trillion” or a similar word in their titles. Some retail for just one or two dollars, while others are inexplicably priced between $220 and $320.

Some of the “books” for sale on Amazon attributed to a Vyacheslav Grzhibovskiy.

“Its not hard to imagine how these books could be used to launder money using stolen credit cards or facilitating transactions for illicit materials or funding of illegal activities,” Reames said. “I can not believe Amazon is unaware of this and is unwilling to intercede to stop it. I also believe they are not properly vetting their new accounts to limit tax fraud via stolen identities.”

Reames said Amazon refuses to send him a corrected 1099, or to discuss anything about the identity thief.

“They say all they can do at this point is send me a letter acknowledging than I’m disputing ever having received the funds, because they said they couldn’t prove I didn’t receive the funds. So I told them, ‘If you’re saying you can’t say whether I did receive the funds, tell me where they went?’ And they said, “Oh, no, we can’t do that.’ So I can’t clear myself and they won’t clear me.”

Amazon said in a statement that the security of customer accounts is one of its highest priorities.

“We have policies and security measures in place to help protect them. Whenever we become aware of actions like the ones you describe, we take steps to stop them. If you’re concerned about your account, please contact Amazon customer service immediately using the help section on our website.”

Beware, however, if you plan to contact Amazon customer support via phone. Performing a simple online search for Amazon customer support phone numbers can turn up some dubious and outright fraudulent results.

Earlier this month, KrebsOnSecurity heard from a fraud investigator for a mid-sized bank who’d recently had several customers who got suckered into scams after searching for the customer support line for Amazon. She said most of these customers were seeking to cancel an Amazon Prime membership after the trial period ended and they were charged a $99 fee.

The fraud investigator said her customers ended up calling fake Amazon support numbers, which were answered by people with a foreign accent who proceeded to request all manner of personal data, including bank account and credit card information. In short order, the customers’ accounts were used to set up new Amazon accounts as well as accounts at Coinbase.com, a service that facilitates the purchase of virtual currencies like Bitcoin.

This Web site does a good job documenting the dozens of phony Amazon customer support numbers that are hoodwinking unsuspecting customers. Amazingly, many of these numbers seem to be heavily promoted using Amazon’s own online customer support discussion forums, in addition to third-party sites like Facebook.com.

Interestingly, clicking on the Customer Help Forum link link from the Amazon Support Options and Contact Us page currently sends visitors to the page pictured below, which displays a “Sorry, We Couldn’t Find That Page” error. Perhaps the company is simply cleaning things up after being notified last week by KrebsOnSecurity about the bogus phone numbers being promoted on the forum.

In any case, it appears some of these fake Amazon support numbers are being pimped by a number dubious-looking e-books for sale on Amazon that are all about — you guessed it — how to contact Amazon customer support.

If you wish to contact Amazon by phone, the only numbers you should use are:

U.S. and Canada: 1-866-216-1072

International: 1-206-266-2992

Amazon’s main customer help page is here.

Update, 11:44 a.m. ET: Not sure when it happened exactly, but this notice says Amazon has closed its discussion boards.

Update, 4:02 p.m. ET: Amazon just shared the following statement, in addition to their statement released earlier urging people to visit a help page that didn’t exist (see above):

“Anyone who believes they’ve received an incorrect 1099 form or a 1099 form in error can contact us1099@amazon.com and we will investigate.”

“This is the general Amazon help page:”

https://www.amazon.com/gp/help/customer/display.html?ie=UTF8&nodeId=508510

Update 4:01 p.m ET: Reader zboot has some good stuff. What makes Amazon a great cashout method for cybercrooks as opposed to, say, bitcoin cashouts, is that funds can be deposited directly into a bank account. He writes:

“It’s not that the darkweb is too slow, it’s that you still need to cash out at the end. Amazon lets you go from stolen funds directly to a bank account. If you’ve set it up with stolen credentials, that process may be faster than getting money out of a bitcoin exchange which tend to limit fiat withdraws to accounts created with the amount of information they managed to steal.”

Tags: , , ,

109 comments

  1. Best way to get Amazon to listen is to file a lawsuit. This is slam dunk negligence on their part.

    • Agreed. I would also call your state attorney general, as they might be willing to facilitate the lawsuit for money laundering, especially since Amazon is profiting on this. Money laundering is very serious and if Amazon is not doing something about (which it seems from this article they are not), then they could be hit by massive fines and lawsuits. It will depend on how many victims there are.

  2. Just for fun, I hit up the CreateSpace royalties calculator, and this is what I got (based on the info in your screenshots above):
    https://www.gt500.org/images/555_book_royalties.png

    CreateSpace does take less of your money if you go with black and white rather than full color, however at that price point the difference is negligible (barely more than $3).

  3. good gwief! this is better than cryptomining indeed.

  4. I know how this is done. It is the best way to launder bitcoin revenue generated from all kinds of illegal activities. They go to Giftly or Gyft and by Amazon gift cards for the bitcoin. Then they just pay themselves. That is the only way to not get your account closed. It is not credit card fraud!!! Gift cards are always under the radar on Amazon.

  5. If you get nowhere, try mailing jeff@amazon.com. I once e-mailed Jeff ($100 Billion) Bezos from my basement to tell him he was mismanaging a particular product segment–nothing angry, profane nor insulting, mind you, just tryin’ to be neighborly–and an uncloaked Amazon employee visited my LinkedIn page searching for signs of intelligent life–or maybe a manifesto. So I can tell you someone monitors the mailbox.

    As for Amazon proactively noticing this fraud–maybe the e-book trickery is obscured by “go-away” pricing I sometimes see for physical goods. Here’s a $999.00 pack of Lawn and Leaf bags:

    https://www.amazon.com/Garden-Club-Lawn-Leaf-Bags/dp/B00V59VD1K

    It’s “fulfilled by Amazon” and there’s only one in stock. I assumed this acts like a placeholder but also stops an out-of-season restock–and the resulting Amazon warehouse rent, but a price tracker doesn’t support the seasonal-stocking theory, at least for this item:

    https://camelcamelcamel.com/product/B00V59VD1K

  6. Great reporting Brian.

    Re:

    “…Amazon refuses to send him a corrected 1099, or to discuss anything about the identity thief …

    … Amazon said in a statement that the security of customer accounts is one of its highest priorities …”

    Legal double-speak and CORPORATE ARROGANCE at it’s best !!!

    I too have had difficulties attempting to contact Amazon by phone over a much more trivial matter.

    I can only imagine the magnitude of run-around Mr. Reames has received.

  7. Krebs why are you using spyware by Google software referred to as Chrome?

  8. The same type of thing also is happening on eBay as well. Everyday plain items that costs up to a few dollars and selling for thousands of dollars.

  9. Why was my comment removed?

  10. Contacting Amazon: There is an option buried in the Help pages to have Amazon call you. This eliminates the chance of calling the wrong number. It’s the only way I contact Amazon support.

    • Yes, and it’s not “buried” all that deeply. I’ve never understood why people say they have difficulty getting in touch with Amazon customer support; it’s right there and easy to find!

  11. The act of issuing a wrong 1080 doesn’t mean that his identity was stolen. Amazon could have wrongly attributed the sales to the information they have on file. This is common, especially if somebody else in the system is trying to pretend to be you.

    How do we know that the seller is not using authors name to market those books at high margins to pray on unsuspected customers who do not know any better?

    The money laundering idea doesn’t make any sense either; you want to clean the money without raising doubt while retaining most of it. Why would you give away 40% of your money and attribute the income to another 1080? That defeats the whole purpose.

    What I think you have here is (potentially illegal) gift card redemption scheme coupled with an accounting mistake.

    • Criminals are often happy to get 10 cents on the dollar. Getting 40-60 cents on the dollar is pretty good.

  12. Amazon as money laundering facilitator is a great story.
    Wonder how long it takes to remove these high-priced offers, I bet we’ll see more of these for a while. The percentage for amazon is too big to discard.
    Just wait til the fake shop wave hits you over there, here in EU its a big money maker for darknet kiddies and google adsense gets up tp 50% of the ill gotten cash because the fake shops are always #1 on the google search!

  13. Regarding the closing of the discussion boards, it appears to have been Friday October 6 2017 based on this: https://goodereader.com/blog/electronic-readers/amazon-customer-discussion-forums-are-shutting-down

    This follows the February 20 2017 closure of the IMDB discussion boards, also owned by Amazon.

  14. This is a timely article:
    “Millions of accounts impersonating real people roam social media platforms, promoting commercial products and celebrities, attacking political candidates and sowing discord…Yet social media companies often fail to vigorously enforce their own policies against impersonation, an examination by The New York Times found, enabling the spread of fake news and propaganda — and allowing a global black market in social identities to thrive on their platforms.”

    https://www.nytimes.com/2018/02/20/technology/social-media-impostor-accounts.html?rref=collection%2Fissuecollection%2Ftodays-new-york-times&action=click&contentCollection=todayspaper&region=rank&module=package&version=highlights&contentPlacement=2&pgtype=collection

  15. As underwhemling as Amazon’s response is, be glad you are not dealing with eBay where I was victim of outright fraud and deception in a $800+ purchase – ebay refused to take action on the seller much less cover me with their ebay guarantee – hint – this is why i refuse to do any business with eBay again. Bottom line, if you have presence on amazon, you have to meticulously monitor it – sounds like a great business model.

  16. the comment section of the fake books on amazon is the best.

  17. Vyacheslav Grzhibovskiy is blocked on Amazon, but still found on B&N.
    Can this work there, or at Ingram?
    Perhaps the scam sets up a fake reseller, and when a normal person orders the non-existent book, a simple “out of stock” refund is made?

    Meanwhile, a pen name would be helpful, as would incorporating your business, to avoid these scams (no SS#), and to protect the individual from a lawsuit against the company. Trademarking and copyrighting the name and logo provides extra avenues of litigation.

  18. I searched Amazon books for “success”, sorted by highest price, and discovered:
    You Play to Win the Game: Leadership Lessons for Success On and Off the Field (Paperback)
    $69,756.68 & FREE Shipping
    Used – Acceptable
    Red Rhino

    Clicking on their link, their storefront listing says:
    “1-24 of over 4,000,000 results for Red Rhino Storefront”
    Most of the books are in the $600 range.
    I suspect they list everything for sale on Amazon, and when someone pays the high price, they buy a cheaper copy elsewhere, and reship the item.

  19. I noticed on sports ticket resale sites some incredibly overpriced tickets. I suspect the same sort of scam is taking place.
    Also, aren’t financial transactions over $10,000 required to be reported to comply with terrorist funding regulations?

  20. Not sure if these are in the same category … Search on Amazon for “Zillionaire Empress Danielle Berhane”

  21. I love Amazon’s “secure” password requirement of 6 characters and 1 number. The second site below did a study and observed an 18.75% checkout abandonment rate among users who forgot their password, so for Amazon, security is not exactly a high priority.

    https://www.amazon.com/gp/help/customer/display.html/ref=hp_515724_password?nodeId=10412241

    https://baymard.com/blog/password-requirements-and-password-reset

  22. I love Amazon’s password requirement of 6 characters. No numbers, uppercase letters or special characters needed. Also you don’t need to verify your email address, since that would reduce the checkout rate.

    • Which is absolutely not a problem if you implement some brute force detection or just limit the number of attempts.

      “rqjnhd” should be accepted almost everywhere. “Password1! “should never be.

  23. It was interesting to see a report which credited Brian by name on our local newscast (I forget whether it was KIRO or KCPQ) regarding the fake customer-support contact information mentioned in this article. Being in the Seattle area (Amazon HQ), obviously there’s a lot of interest.

    I noticed that there was no mention of the money-laundering scheme though. I’m very tempted to recommend contacting KIRO’s investigative reporter Jesse Jones about that 1099.

  24. With hundreds of millions of Prime customers, one could just match people who buy reasonably often on Amazon with stolen credentials, and buy some of the cheap books hoping to fly under the radar (if you buy several Amazon items a month, will you notice a few dollars extra charged?). Sure, many of the charges will be intercepted, but those that aren’t are likely to be gifts that keep on giving for many months. Some crims want the immediate big payout, others are happy for the long and slow but equally successful endeavor.

    Years ago I saw some weird titles listed under my name as being bought, but could not find any charges anywhere so ignored them. Maybe that was a mistake…

  25. The entire Amazon product reviewing system is a massive fraud. My estimate is that there are at least 50 MILLION bogus “product reviews.”

    The “fake books” angle, with their equally insane list prices, I was already aware of, but the reason for their existence — previously unfathomable — is now quite clear, and quite a serious one.

    This article reveals simply more of the same massive Madoffery that I previously was aware of, and I deeply appreciate being able to read it.

    One will not see these exposes often. Amazon with its billion-dollar advertising budget can impose instant fear in the hearts of TV / internet / and print news editors and thus guarantee a see-no-evil silence

  26. “Some retail for just one or two dollars, while others are inexplicably priced between $220 and $320.”

    Isn’t this back to front? If the aim is laundering money, the cheap ones are inexplicable.

    Of course, small, unnoticeable amounts are just what your need for contactless-pay fraud.

  27. If amazon is issueing him a 1099, but paid some other individual, that is fraud BY AMAZON . He needs to get a lawyer, or better yet, the IRS, involved in demanding they proove the payments went to him.

  28. “The fraud investigator said her customers ended up calling fake Amazon support numbers, which were answered by people with a foreign accent who proceeded to request all manner of personal data, including bank account and credit card information.”

    Ironically or at least coincidentally, “…people with a foreign accent who proceeded to request all manner of personal data, including bank account and credit card information…” exactly describes trying to accomplish anything by contacting the real Amazon customer service.

    I have completely cut ties with Amazon due to their behavior.

    I don’t need the stress. And I sure don’t need someone to hack my account to grab my SSN or to fake income to me.

  29. I see this all the time with Photography gear, lenses and high-end cameras in particular.

    An unbelievably low price for a certain item with a legitimate store as the username. The description always asks the buyer to email them before buying in order to dodge amazon’s charge back to the buyer.

  30. Just saw a vacuum filter on Amazon for $100 so it’s not just books.