Amazon’s Self-Publishing Service A Target for Fraudsters

Authors using Amazon’s self-publishing service have more on their minds than selling books: Reports have surfaced that some have become the target of cybercriminals.

Brian Krebs of KrebsOnSecurity explained how the thieves have stolen authors’ identities and used them to launder money: Hackers upload fake but expensive paperback titles (one was sold for a whopping $555 per copy) to the stolen authors’ accounts on Amazon’s CreateSpace service. The cybercriminals then “buy” dozens of books, transferring funds to bank accounts. Authors usually receive 60 percent of a book’s list price.

Patrick Reames is one of the authors who have been scammed. He received a 1099 tax form from Amazon stating that he had made $24,000 last year. After some research, Reames discovered that someone else had published a book filled with gibberish called “Lower Days Ahead” under his name and account.

“This book is very unlikely to ever sell on its own, much less sell enough copies in 12 weeks to generate that level of revenue,” Reames told Krebs. “As such, I assume it was used for money laundering, in addition to tax fraud/evasion, by using my Social Security number.”

Amazon said it was working to put a stop to the scam, but so far Reames said the company has been unwilling to issue him a corrected 1099.

“The security of Amazon accounts is one of our highest priorities, and we have policies and security measures in place to help protect them,” the company said in a statement. “Whenever we become aware of actions like the ones you describe, we take steps to stop them.”

Amazon also announced that anyone who thinks they have been affected by the scam should contact customer support, while people who received erroneous 1099 forms should contact the company at 1099@amazon.com.

Last year, hackers targeted merchants who sell goods on Amazon’s marketplace, with cybercriminals changing bank deposit information on merchants’ Amazon accounts in order to steal tens of thousands of dollars from each. Amazon sellers also reported that their accounts had been hacked by criminals to post nonexistent merchandise.

“Hacking Amazon is becoming … increasingly a big deal,” said Juozas Kaziukėnas, chief executive of Marketplace Pulse, a business intelligence firm focused on eCommerce. “The value to be gained is bigger as Amazon grows.”