Some things to note for the wary seller: not only will you not have a record of these people buying your products, you should be able to confirm with Amazon that no purchase was ever made. After all, how many sellers would be aware somebody went to the trouble of creating a fake receipt generator in the first place? The gag here is that the scammer is relying on the seller not checking the details and accepting the printout at face value. What happens once our scammer is armed with his fake receipt? Well, many sellers on Amazon will ask you to send them a copy of your receipt should you run into trouble, have orders go missing, lose your license key for a piece of software, and so on. Note the small details, such as “Total before tax”, “Sales tax” and other touches that make it as convincing as possible. It’s a pretty good facsimile of a genuine Amazon receipt – I just logged into my Amazon account, hit the “Printable Order Summary” button on an old order and it’s identical to the above. When they hit “Generate”, a html file is created in the program folder which looks like this: Additionally, it allows them to choose between the. They can fill in a variety of information, including item name, price and the date the order was taken. This is what the would-be social engineer sees when they fire up the program:
This is a particularly interesting scam, as it doesn’t target regular PC users – it targets the people who sell you things, such as the merchants on Amazon. Here is the file in question:Ī “receipt generator”, I hear you ask – what do people want with one of those? The answer, of course, is rather straightforward: Above, you can see a vaguely optimistic VirusTotal user summary in relation to a file that’s been doing the rounds for about a month or two, according to GFI Software.
0 kommentar(er)
