c’t reveals: Refund fraud at Amazon & Co.

It sounds too good, and yet it is true: You can order an iPhone from Amazon, get the money back and still keep the device – or, to be more precise, withhold it. Because of course this is not legal, even if such offers can be found on the bargain hunter channels of the messenger Telegram and you could get the impression that there is nothing bad about it.

For more than six months, c’t researched in the area of ​​refund fraudsters and in particular examined the methods of the German Refund Crew – whose Telegram group with several hundred participants was taken over by the Federal Criminal Police Office in a large-scale campaign against Darknet fraudsters at the end of October 2020 and then evaluated has been. Now not only the members of the organization, but also the customers are in the crosshairs of the investigation.

More from c't magazine

More from c't magazine

The current forms of refund fraud are the scammers ‘reactions to online retailers’ protective measures. In the past, for example, dozens of smartphones and other high-quality entertainment electronics were bought on account by straw people – the goods were sold on eBay or in secret, without ever paying the bill.

When online retailers became more cautious about buying on account, the fraudsters misused the bank details or credit cards of unsuspecting victims and ordered lots of goods under false names – the delivery was then made to a different address. In the meantime, retailers have also reacted to this and in some cases have AI systems examined to determine whether a new order matches the customer’s previous history or is somehow suspicious.

With their current scams, the fraudsters tackle two points: on the one hand, they are leveraging the so-called anti-fraud measures of the retailers to prevent fraud, on the other hand, the customers receive a guaranteed brand new original product from a trustworthy online retailer. In addition, the new business is less complex and carries fewer risks for the fraudsters, because they no longer have to order, pack and send goods via straw people – and thus leave no fingerprints or DNA traces that could be used to convict them. The activity is essentially limited to coaching and a few phone calls with the dealer to get the money back for their customers.

This was also the business model of the German Refund Crew, whose Telegram group we came across shortly after it was founded in mid-2020. The offer included the procurement of goods via online retailers such as Amazon and Zalando, the fee for the all-round service including coaching and telephone service for the reimbursement was between 20 and 27 percent of the value of the goods, payable in Bitcoin or to a PayPal account.

In addition to the money, the criminals also demanded a real data striptease: In addition to their name, address and email address, customers also had to provide credit card details, the Telegram account and of course a list of the goods they ordered. This enabled the German Refund Crew to ensure that they were not being cheated themselves – and could have blackmailed customers at will by passing the data on to the investigative authorities. Such data collections are worth gold for investigators, especially since they are the real names and addresses of the customers.

In c’t 5/2021 we tested 25 different password managers for you. In addition to the functionality, we also explicitly examined how data protection-friendly the candidates are. In the second focus, we looked at how to disinfect IT devices – always advisable, but especially in times of Corona, when users share devices. If you are considering buying your own device, you might find the right sweetheart in our test of premium notebooks. c’t 5/2021 also comes up with tips for Thunderbird add-ons, an introduction to the Lua programming language and much more. The issue is from February 12, 2021 in Heise shop and available at the well-stocked magazine kiosk.

To home page