[ad_1]
We all know those dreaded streaming app screens that pop up on our smart TVs just when we get comfortable on the couch, ready to watch that new latest release.
Perhaps it’s an activation screen for that newly downloaded streaming app. Or maybe it’s that dastardly prompt that lets you know the app has internet connection issues. All of us can agree those screens are annoying. However, they’re also turning out to be quite lucrative for scammers.
Beware the QR code scams
The Amazon TV prompt that appeared for the victim in our report.
Credit: Mashable
Mashable spoke to a victim of this scheme who was recently scammed out of $700. The individual was simply trying to get Amazon Prime Video service to load on their smart TV when they received a prompt about an “Internet Connectivity Problem.”
If you experience a message like this on your smart TV and simply restarting your modem doesn’t fix the issue, Amazon’s on-screen prompt recommends going to www.amazon.com/videohelp for additional troubleshooting tips. If the user inputs that URL directly into their web browser, they are forwarded to an official Amazon support page.
However, not all users do that. Many people input URLs as a search query in Google, which gives scammers their opening. The only thing bad actors need to do is create a fake web page that looks convincingly like Amazon and its Prime Video service, optimize them so these fraudulent pages appear high in search engine results pages. Now they’re ready to extract money from their targets.
In this particular example, the victim who reached out to Mashable explained that they input the real Amazon URL into Google search and then clicked on a page found at “www.gjit.online/tvmounting.php.” The main website found at “www.Gjit.online” purports to be a website development service. However, that one URL found in Google search looks much different from the rest of the website.
The scammer’s fake Prime Video activation page.
Credit: Mashable Screenshot
“Register your compatible TV or devices,” reads the page. “Enter the code shown on your TV or device to register it with your Prime account.”
From here, there are two possible paths where users could be scammed.
For the victim dealing with a separate “internet connectivity” issue, there’s also a 1-888 number at the top of the page posing as an Amazon support contact. However, if you were to continue and input a code, users would be forwarded to a page reading “Congratulations! Click here to activate Prime.” The page uses Amazon graphics, but if you were to look at the URL, you’d see that the user was forwarded to yet another website located at “rokgwebsolution.com”
The prompt on the fake Amazon Prime Video page when inputting your code.
Credit: Mashable Screenshot
Clicking “Activate Prime forwards the user to a request to call yet another 1-888 number labeled as “Prime Support” for “account validation.”
In both scenarios, the scammers are pushing the user to call a toll-free number disguised as Amazon Prime support. Once the victim called the support number, they were told they needed to subscribe to a new plan in order to activate their Prime Video on their television. The scammer convinces the victim to subscribe to a $699 lifetime plan, a plan which Amazon itself does not offer. The victim pays the scammer via PayPal. According to the victim, the email attached to the scam is “[email protected]”
The final request from the scammer’s page: call them.
Credit: Mashable Screenshot
Once the victim sees that their payment does not fix their issue, they contacted PayPal and their credit card company, finally realizing they were scammed. The scammers even called the victim back and attempted to convince them that their service was legitimate. (Note: It is not.)
Mashable previously covered a similar scam that was targeting YouTube users who were trying to activate their account on a smart TV. Scammers would create fake pages that spoofed the Google activation site. Many times, they would use the company’s own free website creator, Google Sites, as these often rank well in Google’s search engine and appear legitimate to unsuspecting victims as “Google” appears in the web address.
An example of a page made with Google Sites being used in this scam.
Credit: Mashable Screenshot
A quick Google search using keywords similar to the customer service URL Amazon pulled up a scam website spoofing Amazon that was using a Google Sites page. This website also asks a user to input a TV activation code, however this time utilizing Google Forms to get the information. Upon submitting the TV activation code, the user is told that they are “temporarily” locked out of their account and need to call the provided toll-free number to contact Amazon.
Scammer’s are even using Google Forms to carry out their fraud.
Credit: Mashable Screenshot
If you are someone who fell for this scam and gave these scammers your TV activation code, don’t worry. There’s nothing they can do with that information. The part where they ask for your code is simply an effort to legitimize their website. No matter what code you give, the website is set up to tell you that there’s been some sort of error and you need to call the number.
Once you’re on the phone, that’s when the scammers use social engineering to trick their victims into paying them to fix or activate their account.
Streaming service users should beware of this scam as its clear fraudsters are diversifying which platforms to bring into their scheme. Always input the company’s URL directly into the web browser and be sure you are on an official website before calling a phone number that’s provided. For now, this scam requires that a potential victim pick up the phone and call the scammer. By following these simple best practices, you’ll basically become immune to this particular scam.
[ad_2]
Source link