Police forces around the UK are warning about a telephone scam that has tricked people out of hundreds of thousands of pounds.
The scheme sees fraudsters pretend to be from Amazon to con victims into handing over their bank details.
Action Fraud, the national reporting centre for fraud and cybercrime, has received hundreds of calls about the scam since last September - of which at least 200 were from people who were tricked out of more than £400,000 in total.
How it works
The scam begins with an automated call telling victims that a fraudster has used their personnal details to sign up for an Amazon Prime subscription. The victim is then instructed to press 1 to cancel the transaction.
When they do this, they are directly connected to a scammer posing as an Amazon customer service representative.
The criminal again tells the victim that an Amazon Prime subscription was purchased fraudulently and that they need remote access to the victim's computer to fix a security flaw so that it won't happen again.
The victim is told to download an application called Team Viewer, which gives the criminal access to the victim's computer.
The victim is then asked to log on to their online banking account, at which point the fraudster can steal their banking details or even distract the victim while money is transferred out of their account.
What you need to do
PCSO Nathan Stuart, a fraud ambassador for North Yorkshire Police, said: “If you receive a phonecall claiming to be from Amazon, offering you a refund or asking you to log on to your account, do not proceed with this. Hang up the call.
“You are not obliged to speak to them. Do not share any information with the caller.”
Amazon said: "If you receive a suspicious phone call, email or text message claiming to be from Amazon, asking for payment, personal information or offering a refund you do not expect, please do not share any personal information, and disconnect any phone call immediately.
“You can report spam calls via Action Fraud. Please also note that Amazon will never ask for your personal information, or ask you to make a payment outside of our website.
"If you received an e-mail regarding an order or Prime membership, or anything that you don’t recognise, please forward the e-mail to firstname.lastname@example.org
and then delete it. Do not click on any links in such emails."
Pauline Smith, head of Action Fraud, said: "Unsolicited requests to remote access your computer should always raise a red flag. It's easy to feel embarrassed when faced with unexpected or complex conversations but it's okay to stop the discussion if you do not feel in control of it.
"If you've received an unexpected phone call, or other communication, stop and take a minute to think about whether an organisation would get in touch with you out of the blue in this way. Instead, contact them directly using a known email or phone number."
You should never install any software on your computer as a result of a cold call, she added.