Amazon is seemingly taking action against a handful of technology accessory makers after a data breach exposed a fake reviews scam. As first reported by SafetyDetectives, a myriad of Amazon vendors were found to offer free products in exchange for positive fake reviews. Popular Apple accessory makers such as Aukey have also completely disappeared from Amazon.
The report explains that the people who provided the fake reviews would buy the products from Amazon, then leave a 5-star review a few days later. Once they posted their review, the company would pay the customer directly via PayPal, reimbursing them for the price of the product.
The details of this program were exposed in a data breach that revealed more than 13 million records:
More than 13 million records, equating to 7GB of data, were exposed when the unclaimed ElasticSearch server was left open without any password protection or encryption. The personal data of people providing fake reviews, as well as Amazon vendors, could be found in leaked messages on the database.
The key here was for the companies to avoid detection by Amazon’s moderation platform. This is why nearly all communication was handled externally, often via WhatsApp and Signal platforms, and why payments were sent via PayPal.
In many instances, the Amazon vendors would reach out to customers directly and ask if they’d like to join programs such as their “reviewer reward program.”
Unassuming people may have been targeted by Amazon vendors with the offer of free products in return for a review. Vendors use ‘professional’ language to present the offer as legitimate trade, utilizing phrases like ‘testing’ and ‘free product trials’ when they message prospective reviewers. This is certainly the case in the database we detected.
The server contained a treasure trove of direct messages between Amazon vendors and customers willing to provide fake reviews in exchange for free products. In total, 13,124,962 of these records (or 7 GB of data) have been exposed in the breach, potentially implicating more than 200,000 people in unethical activities.
Specific information about which brands are implicated remains unclear, and the initial coverage of the data leak from SafetyDetectives does not mention any specific brands. With that being said, however, accessories from popular companies such as Tomtop, Aukey, and Mpow have been completely removed from Amazon today, indicating that they are among the vendors implicated in this scheme. This was first spotted by Digital Trends.
If you search for Aukey on Amazon today, you’ll find that nearly every product has been removed. Aukey had previously sold an array of technology accessories, including cables, adapters, wireless chargers, and more. Aukey had even ventured into the MagSafe arena, though not with official MagSafe certification. Tacklife, owned by the same parent company as Aukey, is also affected.
Amazon and Aukey have not yet commented on this situation, but we will update if they do. In the meantime, you can read the full report on the data breach on the SafetyDetectives website.
FTC: We use income earning auto affiliate links. More.
Comments