Privacy News Hackers Count on Password Reuse in Amazon Third-Party Seller Campaign

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
Amazon’s ever-growing community of third-party sellers is being targeted by hackers, who are using stolen credentials to steal tens of thousands of dollars from the victims.

Amazon has more than two million sellers on the site accounting for more than half of its sales, according to the Wall Street Journal—and more than 100,000 of those gross more than $100,000 annually.

Hackers are using stolen credentials bought on the Dark Web from earlier data breaches to break into seller accounts. Once in, they can change the bank-deposit information for the account to siphon off sales. They’re also post “deals” on Amazon that are anything but—the merchandise advertised is nonexistent. The bad guys offer four-week shipping, hoping to get paid before Amazon (or the recipient) cops onto the fraud.

“The Amazon hack is an example of how identity has become the new attack vector, and hackers are all over that fact—taking stolen credentials from one breach and using them to access another website, all because a person chose to reuse a password across multiple sites,” said SailPoint president and co-founder Kevin Cunningham, via email. “This illustrates an interesting ‘chaining’ or ‘domino effect’ that data breaches can have across multiple organizations.”

Full Article. Hackers Count on Password Reuse in Amazon Third-Party Seller Campaign
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top