Search
  • Brett Johnson

Amazon Refunding: Meat and Potatoes for the Cybercrime World

Updated: Aug 13, 2019



So, you are new to the cybercrime world. You have read countless articles, researched various crimes, heard of the profit some cybercriminals make. You may have read about the millions of dollars Ross Ulbricht earned with Silk Road, or how Dmitry Golubov used some of his ill-gotten gains to start a major political party in the Ukraine. Hell, you may have even read how I used to steal $160,00+ weekly from the IRS.


So, you are hooked. You see dollar signs. And you decide it is time to get rich or die trying. Well, not really die. After all, this is computer crime. Chances of you being killed committing these crimes is near zero. Probably less than zero. Chances of you being caught are better, but still very, very low. You figure, “Hell, Why not? Let’s go!”


You google everything you can think of. You likely find a few Clearnet cybercrime forums and marketplaces which you visit and join. You likely get ripped off. You are a newbie and you are under the mistaken impression that this stuff is easier than it actually is. You get taken buying dead or fake credit card information, worthless tutorials, carded goods at cheap, cheap, cheap (Cheap!) prices, debit cards with pin numbers, or any number of countless things newbies in the cybercrime world eagerly fall for.


So now you are out of money, getting desperate, and still looking for the big score. At some point you learn how to download and use the TOR browser. Maybe you read about AlphaBay on Reddit and decide that is your best bet because, hey, at least people over there are getting product and evidently making money.


So you go to Alphabay, and whoa. Looks like this is what you were looking for. Drugs for sale. Credit cards, bank accounts, plane tickets, money transfers, all kinds of stuff. And let’s not forget that everything is reviewed and vouched for by some 240,000 members. So you give it a try. Maybe you buy some CVVs and try to order something online. You buy five or ten and try to hit Amazon, or Apple, or even Dell. And what happens? Nothing. Didn’t work. Again, you’ve lost your money. So you decide it is time to buy one of the tutorials listed and vouched for by members. You buy it and follow it step-by-step. And what happens? Same thing. SSDD—Same Shit, Different Day. Maybe you think of that line from the film, “Training Day”, about how the definition of crazy is doing the same thing over and over and expecting different results. You’ve tried and tried and what have you got? Nothing. You don’t have anything except a lighter pocketbook. And now you are really starting to understand that this stuff is much harder than it seems.


But now you are invested, committed even—kind of like that turkey at Thanksgiving. At this point you may be out some serious funds between the scams you have fallen for and the wasted projects you have attempted without having the necessary knowledge to pull off. But you see people posting about making $20,000 a week. And maybe you’ve been successful and carded some food, maybe pizza. Perhaps someone has told you or you have read that everything you need to be successful is actually free to read on the forums. So now you understand you need to take the time to educate yourself on the various crimes and criminal products available. And now you understand that takes time. Maybe a lot of time.

But that’s the problem, education takes time. Right? How are you going to eat? How are you going to pay your bills while learning the ins and outs of cybercrime? It took me years, many years, to get to the point where I made $30,000 a month. Of course, a year after that I was pulling in $160,000 a week. But you ain’t got years. You need money now. What the hell do you do?


Usually, this is the point where many would-be cyber crooks throw in the towel. They realize that this business isn’t for them and they give up their dreams of being the next internet godfather like, well, like I used to be.


Time have changed, though. Cybercrime is becoming and has become a service. Now, aspiring cybercriminals or just the technically illiterate thief can pay someone to do the crime for them. These services include, but damn sure aren’t limited to, carding, ripping off payment processors, phishing, installing ransomware, and the favorite of novice criminals everywhere: Refunding.


His username on AlphaBay is TrivialEngineer. Trivial provides the top refunding service on the Dark Web. What is a refunding service? Well, an individual orders an expensive product from Amazon, Apple, the Microsoft Store, or countless others and then pays TrivialEngineer a percentage of the dollar amount ordered to get the entire cost refunded back to the buyer.


Let’s go through the process.


I go to Amazon and find something for under $1500 that will resell quickly either on eBay, Craigslist, or some other favorite of people trying to fence stolen items. Maybe I decide on a MacBook, or a new top shelf iPhone. People LOVE Apple items; they sell quickly and at near retail. I want to make sure the item I am buying is sold and fulfilled by Amazon. That is important. I can target a product that is sold by someone other than Amazon and still fulfilled by Amazon, but my return won’t be as good. I’m looking for as much bang for my buck as I can get.


So I find my iPhone 7Plus 256GB and I buy it in my real name, being shipped to my real address.


I also sign on for the trial version of Amazon Prime while I am at it.


I select 2 Day Free Prime Shipping and let Amazon send me my shiny bauble.


Delivery day. Ideally, I want the delivery driver to leave the package at the front door without collecting a signature. Usually with items under $1500 the package will always be left at door. If, however, I have to sign for the package--either because Amazon marks it such or because the delivery driver decides to be super-cop--I want to sign with a name different than the one on the package. Or at the least, an illegible name.


So, now I have product in hand. Time to contact TrivialEngineer. I head over to the AlphaBay Marketplace and pay TrivialEngineer somewhere between 7%-12% of the order total via Bitcoin (BTC). Why the difference in payment prices? Well, it depends on if I just want a simple refund or if I want a “Double Dip”. A Double Dip is where Amazon will replace the product and then also refund the entire purchase price of said product.


I opt for the Double Dip. I send TrivialEngineer over 12% of the retail price in BTC. I also send him over complete order details so he can do his magic. And I wait.


Usually within a day I receive email notification that Amazon is sending out a replacement and that they are sorry for the trouble.


Once I receive the replacement iPhone 7Plus 256GB (Yay! Now I have 2!), I contact TrivialEngineer and tell him I have received the replacement.


Now, Trivial goes to work on the refund. The refund after replacement tends to take more time, sometimes a couple of weeks. But the refund comes. Deposited direct to my bank account with an apology from Amazon. Man, they really have good customer service!


I’ve bought one iPhone 7plus 256GB for a bit over $900. I’ve received it, plus another just like it, and I’ve had my money refunded. Nice. Think I need to try that again.


What has actually happened here? Let us break it down and walk you through it.


First, Amazon and a lot of these other companies have stellar customer service. They bend over backward to assist and make the customer happy. Amazon MAY be at the top of the heap in this respect. Now, certainly, there is a small percentage of packages which are lost in transit, stolen from porches or by mail carriers, damaged in transit, contain incorrect items, etc., etc. When that happens, these companies tend not to ask many questions and just process a quick replacement or refund. The whole refunding scam takes advantage of this situation to an extreme degree.


The details:


I buy that iPhone on Amazon.


I want it sold and fulfilled by Amazon. Why? Amazon is a huge place. The chances of the scam being successful increase because of the size of Amazon’s business. Legitimate complaints come in every day like my fake complaint. It isn’t really going to be questioned. It’s just going to be put through. The overall circle of complaints is so large that nothing is really ever questioned. And I can often get a replacement AND a refund. If I choose an item sold by another but still fulfilled by Amazon, the scam still works. The problem with this is that I can only get a refund when doing this, not a replacement and refund. Why? Because I have just made the circle of complaints much smaller. I’ve also just hit a small business owner who is going to raise hell about the shipment and demand an investigation. A replacement is out of the question. A refund is a certainty, though. Amazon errs on the side of the customer and will process a refund super quick. So, I am still good to go. For an item sold by and fulfilled by another? Success is much more limited. I likely won’t even get a refund and the effort involved isn’t worth it.


I also sign on to the trial version of Amazon Prime. Why? Because it gets me free 2-Day shipping. More importantly, when an Amazon representative looks up my account they see I am a Prime member and they are more friendly, understanding, cooperative, and pliable. I always want to be a Prime member when scamming Amazon. Just easier business all around.


So, I have received the item and I want a replacement. How do I do that? Or how does TrivialEngineer do that? If the package was left on the porch or signed with a fake name usually Amazon is told that the package never arrived. Other excuses used include that nothing was in the box, or the wrong item in the box, or that only a partial shipment arrived. Another excuse is that the battery leaked all over the shipment or that the item was horribly damaged.


And those are really the only excuses given. For the refund after the replacement is sent, these excuses are also used in addition to telling the rep that you are sending the item back and want a refund. On sending the item back, it is often necessary for the scammer to send SOMETHING back to Amazon with the same weight of the item received. This can be trash or anything, just as long as the weight is the same. It is fun to note that the reason sending trash back to Amazon works is that Amazon only weighs the package and then signs off on receipt of product; they don’t check contents until much later, enabling the scammer to shut down the payment card to avoid having those funds deducted from his/her account.


So, how successful is the refunding scam? Very. The initial refund or replacement on accounts, even new accounts, is near 100% on orders under $1500. In fact, it is 100% if the scammer takes the time to age his/her Amazon account by simply buying ANY item before they begin the scam. Yep, order a phone charging cord for $5, let it arrive, then scam the hell out of Amazon for something big. Works 100% of the time. Percentages for the Double Dip Refund are lower, usually in the 70% range and are greatly influenced by the excuse initially given to get the replacement. With numbers like that it is no wonder that would-be cyber criminals are flocking to the refunding game. Many have found it highly profitable. On AlphaBay alone there are several customers of TrivialEngineer who earn in excess of $15,000 per month. TrivialEngineer has earned several hundred thousand dollars by simply doing online chats with Amazon Reps and claiming the above excuses to get a refund or replacement. Amazon is currently losing several million dollars a month to this specific type of fraud.


And this isn’t confined to Amazon. Currently, the Microsoft Store can be hit easily for anything under $3500. Apple can be hit for $2000 with no problems. And it isn’t just electronics. A ready list of stores includes Nike, Footlocker, Zappos, Armani, Gucci, Rolex (to $4000), any car parts store, and many, many more. In fact, for any specific item you can order online and have it shipped to you there is a way to have it refunded.

So the question becomes, “Haven’t any of these companies done anything to stop it?” Or “Can’t any of these companies do anything to stop it?”


Certainly, measures have been enacted. Some of these companies now require a police report in order to issue a refund. Of course, this has already been defeated. Currently, one can buy a fake police report on AlphaBay for under $10. Amazon and other companies don’t verify the police report, so this works like a charm. Companies are now starting to follow up with investigations of varying degrees; an online store may check the warehouse about the actual shipment, the shipping agent regarding delivery details, their internal company systems in an attempt to identify scammers using different names and addresses, and a variety of other things.


Of course, none of that has really stopped the problem. It has curtailed it to a degree, but refunding remains a profitable enterprise for many dark web citizens.


Some of the things which are working and are being bandied about by security officials are much more promising. These include shipping high risk fraud items via Direct Signature Required. Or leaving those same items at a local pick up station where the recipient must go to get them. Other measures being enacted include weighing and photographing the items as they are being packaged and shipped, having the shipping agent verify and document exactly where the item was delivered and who signed for it (Amazon recently started this). Also, RFID type tracking devices which can be used to assure the package was delivered to the correct address. A few companies are also following up on submitted police reports to verify their authenticity.


Those are a few of the steps being taken. Others are in the works. Refunding fraud has become such a problem that some companies are hiring fraud experts solely to combat the problem. Recently, Amazon posted a position for a security expert with refunding fraud specifically highlighted.


The answer to stop the problem is not a simple one. This type of scam works by using the rules of the company and good customer service against the very company trying to do good. Likely, a combination of all of the above measures along with other security techniques not mentioned here will have to be implemented to curtail the problem.


Certainly, refund fraud isn’t going to go away. And with Christmas season upon us, it looks as if many cyber crooks will be saying, “Ho, Ho, Ho!” to Jeff Bezos and Company.


#friendlyfraud #refunding #cybercrime #identitytheft #firstpartyfraud #cnp #identitytheft #fraud

82 views