TechNewsPro_Masthead_2.jpg

The latest in NEWS, RESOURCES and JOBS

Lower the TCO of your legacy data wareho
Talend_Banner_728x90px_v1.jpg
  • Sahriar Shuvo - Tech Journalist

A recent data breach exposed thousands of fake reviews on Amazon

There are plenty of services exposed throughout the years that reveals service reviews. Large organisations hold hundreds and thousands of people under their wings who write fake reviews and we are not new in this scene. A recent data breach exposed thousands of fake reviews on Amazon. It was an unsecured database that managed to find its way to cybersecurity researchers.

Due to an open database breach, over 200,000 people got exposed to this scheme. Amazon fraudulent product review scheme doesn’t come as a surprise due to many products introduced to the platform every day. E-commerce battles are great, and many large companies pay huge money to do more business than the competition. But to compare with Amazon is not an easy task. One of the thoughts behind it is that competing e-commerce platforms are doing shady things. As Googles, new term contains, it will degrade the ranking algorithm for fraudulent data repetition.


The news spread on May 7th; reviewers receive the products for free in exchange for a five-star review. After the public feedback is complete, customers are paid in private, mainly through PayPal. It was previously recorded for a small number of products, but this time, cybersecurity teams proved and announced it in front of the world. It is not possible to hide this kind of shady behaviour under Amazon’s radar. As the market is thriving for a long time, there is no space to fill it with activities that may hamper the healthy environment. Data was captured from an open ElasticSearch server.



SafetyDetectives cybersecurity team published news on the breach. The exposed server contained a treasure trove of messages. Those are direct messages between customers and Amazon vendors. Most of them were related to receiving free product in exchange for a review. Almost 7 GB of data has been collected, and it has 13,124,962 records. More than 200,000 people are affected by this breach, according to them.


The outcome from open ElasticSearch falls under the “fake review” of products category. Buyers had to write a review on the merchandise after receiving it in a few days. Once done, fake reviewers would send their amazon profile link alongside PayPal details. Once the review is posted, they are paid, and the product is kept free. They are refunding the money, which is making reviews look legitimate.



Data Leak

We learned 13 million records were found with user email, location, phone number, ID name, and payment details. Series of fake reviews done via duplicate accounts and product interactions have also been recorded. In total, 75,000 Amazon profiles are exposed in a JSON file. It is possible to retrieve those accounts using the security information on the data dump.

“The server appeared to be located in China”, Cybersecurity researchers said, and “it is thought the leak affected citizens from Europe and the USA at a minimum.” Refund payments are made automatically in Amazon, making it harder to track similar fraudulent activity quickly. Vendors and reviews were written in Chinese, experts said, and it’s why they think the owners are also from China. ElasticSearch discovered the initial breach on March 1st, but they announced it to the public after securing the data after a few days. Outside parties are blocked from accessing the server. There are plenty of Amazon vendors running similar scams. It is also possible that large companies owned the server and are behind the action.

The review moderation team is running filters to avoid this type of incident further. Fake reviews are part of the reason why people still judge online marketplace.


The vendors use professional wording in communication mediums to avoid detection and avoid keywords that might trigger the whole operation. All means of flagging the protocols have been avoided brilliantly. Many of these vendors offer professional services as they would just send in the product and even write an excellent review of the product. Most reviewers know what they are getting into, and some aren’t.


Server owners have committed several fraudulent activities. They will receive misleading marketing material and damage to business offence punishment. According to Amazon’s terms and service agreement, they may choose to pursue legal action. GDPR protects damage to European citizens. They can charge up to $100 million against the organisations.

Furthermore, those who use online marketplace services should be careful before judging a product only by reviews. Checking usernames and appropriate reporting on a suspect is a good way to notice authority. For cross-checking, reviews account, relevancy, patterns etc., are vital signs.

Element_300x600_June_2.jpg

LATEST RESOURCES

 

 

Parting the clouds. 

for greater security

Covid-19 has landed CSOs a unique opportunity to embrace web isolation.

Eliminate malware threats with zero trust 

Isolation-powered security provides full protection against email and Web based threats.

7 Customer Service Mistakes Companies Should Avoid Making

2020 was a tumultuous year but it did bring customer service back to the forefront of the business planning agenda for 2021. As you plan and prioritise your initiatives, it is important to avoid mistakes.

Integrating Compliance into Innovation: Taking Control Over Customer Communications

Compliance is one of those areas that is better off unnoticed. When compliance does get attention, it is usually because something has gone wrong and that is something that keeps executives up at night. It is easy to see why. 

Artificial Intelligence Based COVID Signature

Detection Software

The software takes the X-Rays and CT scans in digital format and analyses the X-Ray reports through uploading the images which is followed by detailed report about the patient suffering from COVID19 or similar ailments.

Six Steps to Drive Your

Process Center of Excellence to Success

Find out why yo need a center of excellence - and how save you time and money while improving experiences for both your customers and employees. 

Steps to Deliver Data You Can trust at the Speed of Business

Why trusted data is the key to digital transformation. Discover and cleanse your data. 

Organise data you can trust and empower people

Automate your data pipelines and enable data access.

2021 Threat Report 

Four Key Trends in the Cyber-Threat Landscape.

The security implications of remote working, SaaS takeover, rise of fearware, server side attacks, ransomware and Darktrace immune system.

Safe, inclusive communications for the University of Innsbruck

The open matrix is the foundation for secure, collaborative academic research and learning. Keen to support its learning culture, the university wanted to introduce a real time messaging system. 

Darktrace_Logo_Main.png
Element_Logo.jpg
eGain_logo.jpg
talend_Logo.png
MenloSecurity_Signature_Purple_RGB.jpg
MenloSecurity_Signature_Purple_RGB.jpg
nintex_logo.png
GMC_Software_Logo.jpg

    SUBSCRIBE

to our latest RESOURCES

to keep up to date with the

latest whitepapers

WP_GMC_Cover.jpg
WP_bold360_Cover.jpg