Amazon Supplier Fraud

Interesting story of an Amazon supplier fraud:

According to the indictment, the brothers swapped ASINs for items Amazon ordered to send large quantities of different goods instead. In one instance, Amazon ordered 12 canisters of disinfectant spray costing $94.03. The defendants allegedly shipped 7,000 toothbrushes costing $94.03 each, using the code for the disinfectant spray, and later billed Amazon for over $650,000.

In another instance, Amazon ordered a single bottle of designer perfume for $289.78. In response, according to the indictment, the defendants sent 927 plastic beard trimmers costing $289.79 each, using the ASIN for the perfume. Prosecutors say the brothers frequently shipped and charged Amazon for more than 10,000 units of an item when it had requested fewer than 100. Once Amazon detected the fraud and shut down their accounts, the brothers allegedly tried to open new ones using fake names, different email addresses, and VPNs to obscure their identity.

It all worked because Amazon is so huge that everything is automated.

Tags: , , ,

Posted on August 26, 2020 at 6:31 AM30 Comments

Comments

Clive Robinson August 26, 2020 7:58 AM

@ Bruce,

It all worked because Amazon is so huge that everything is automated.

As in many things good transparency and good oversight stops crime fairly quickly, often before it begins.

A lesson other large organisations like the EU and US governments could learn from but for more than half a century has looked the other way mumbling “move along now nothing to see, move along”…

The joke of Amazon is of course that they spend so much money observing the “pennies” in the warehouse they miss the big money scams altogether.

Especially as they are often to busy scaming those who sell product through them…

Bart August 26, 2020 8:03 AM

This is very reminiscent of similar scams that were used with the US Military yet different. Regular orders would be vetted for price, but “emergency replacements” for in the field would not. Some people got on to that and started delivering nuts and washers for $100/piece.
If the heap is large enough those crumbs will go unnoticed for a long time.

Chad Elliott August 26, 2020 8:09 AM

I read about this a few days ago and was in awe at how they got away with this for so long. The lack of oversight and security on Amazon’s part is just crazy. It also seems like Amazon has more than a few holes that may need to be filled in their tracking system.

Phaete August 26, 2020 9:16 AM

Nevermind the faked ASIN/products

Who designed the software to accept 7000 where 12 were ordered, or 972 where 1 was ordered.
If product numbers are the same, its easy to let the software make the mistake, but for different quantities it is just gross negligence on their part (at least i assume so since they glance over this huge red light)

Amazon ordered 12, defendants allegedly shipped 7,000
Amazon ordered a single bottle, the defendants sent 927

Anyone who writes software to accept this, or manager who approves blindly without checking alarms should be fired for incompetence.

Amazon is just spinning their incompetence into a sad sob story.

Alex August 26, 2020 9:39 AM

If Amazon has built a complex system that has holes in it, how do people figure out where the holes are? How did people learn that they could send toothbrushes intead of disinfectant spray, and that Amaon wouldn’t detect it? How did people learn that they could send 7,000 units instead of 12?

echo August 26, 2020 9:47 AM

Why anybody would buy a bottle of £300 perfume off Amazon I don’t know. The risk of a fake is so high I’d rather buy from a franchise or direct. Not only that I expect at least some flattery for paying such an obscene amount not a brown anonymous box. Reading reviews on Amazon UK the DHC cleanser on there is a fake or the reviews are deliberate sabotage. Either way it has been lurking on there for ages.

I’m vague on the details but on mainland Europe the warehouses of retailers who own their own warehouses have to supply goods to other retailers at cost price. This helps counter some of the monopoly aspects of the big supermarkets. I don’t see why a similar principle can’t be extended to Amazon. The thing is Amazon is so pervasive and the market is so fractured you get monopolies arise like Amazon. It’s especially bad where you get a company under very slack US law expand into foreign territories such as UK/EU and leverage their monopoly. This wouldn’t be so bad if Amazon paid their taxes like the rest of us but they don’t. Not that UK retailers get off Scott free either. I dislike them using their local monopoly power to size market or “improve the quality of their profits” by jacking up margins.

I think when you have insanely large retail outlets make a fat margin off the volume of extremely slim margins or large for the market retail outlets greedily eye 30% margins something is going a little awry.

Somewhere at the bottom of this are lies about margins and inflation and unemployment figures and poverty and property prices and capital. Somebody is doing well out of it.

echo August 26, 2020 9:49 AM

@alex

If Amazon has built a complex system that has holes in it, how do people figure out where the holes are? How did people learn that they could send toothbrushes intead of disinfectant spray, and that Amaon wouldn’t detect it? How did people learn that they could send 7,000 units instead of 12?

Either somebody made a genuine mistake once and blabbed or it was an inside job or both. This is not new. The original source may never be known.

John August 26, 2020 10:07 AM

I clicked hoping there would be a good way to actually get a real, working, 64G microSD through amazon, not a fake.
Guess not.
Are they still mixing items from different suppliers?

JonKnowsNothing August 26, 2020 11:57 AM

@Phaete

re:

Who designed the software to accept 7000 where 12 were ordered, or 972 where 1 was ordered….

Many inventory management systems cannot tell if it a delivery is a partial order vs a full order.

ex:
  A orders 100 of X from B
  B delivers that in 3 deliveries of 1, 75, 24 over N-days/months/years
or
  B delivers 100, the entire order at one time.

Additionally every vendor has their own internal sets of inventory numbers in addition to international codes, bar codes and other ID marks. They also have their own internal descriptions.

ex:
  A orders 100 Full-Fail-Items Amazon Code 0007 from B
  B ships 100 Full-Item-Fail B Coded 7000 to A

Yes inventory systems are supposed to check for this but historically it is the human person in product management, inventory and receiving that notices something is Not Right. Even so, inventory systems are rife with errors because what is actually IN the warehouse is NOT what’s IN the computer system.

A good portion of large volume transactions are automated similar to the stock exchanges and are subject to manipulation the same way (lots of stories on how that is done and tolerated). Time To Delivery and Automated Reorder Point are open exchanges used with the famous AI/ML determining the issuance of fulfillments. Lots of companies do this and most never audit the deliveries because it never reaches the threshold to trigger one.

It’s all in the WITTB account…

Frank Wilhoit August 26, 2020 12:04 PM

The OP expresses an assumption — unstated, because deemed to be totally obvious — that “huge” implies “stupid”. Independently of whether commonplace experience validates that assumption, it is worth asking why it should be so. The answer has to do with Coase’s Ceiling, a very powerful concept that is not widely understood, but that explains the evident and non-evident dysfunction of [too-]large organizations, whether commercial, governmental, or academic.

JonKnowsNothing August 26, 2020 12:05 PM

What is the WITTB Account?
  You might very well ask…

old-as-dirt Accounting Story

A large company had their regular Big Name Accounting Auditors in every year. The Auditors actually didn’t mind going to that account to dig through tons of paper dust doing foot and tick (before spreadsheets automated it) because the books were always very clean with minimal corrections needed.

A well run company and a well run accounting setup: WOW.

There is a common list of accounting codes used for the General Ledger and all the sub entries for an accounting system. Companies can add more subsections and big companies have a lot of sub-sub-sub-sub-sub sections and sometimes they use different names.

This company had one account called WITTB.

No one thought much about it.

During one visit, one of the auditors asked: What is WITTB?

The answer: What It Takes To Balance.

Phaete August 26, 2020 12:37 PM

@JonKnowsNothing

Many inventory management systems cannot tell if it a delivery is a partial order vs a full order.

A partial delivery can’t be more then the total outstanding.
927 can’t be a partial shipment for ONE (bottle of perfume)

Maybe the fact that i had to help people build and troubleshoot their Access DB’s made my ‘outlook’ a bit more eschewed.

But..

There is something more to the story when an inventory system accepts a delivery almost a thousand fold</> more of what it has ordered.

Either we are not given all the details (like an outstanding order of 5k unique designer perfumes) or there is many much massaging and covering of incompetency of the accepting part of the ordering system.

ps. WITTB is standard practice, you can’t expect everyone to have a receipt every time or be a sore pedantic SOB about every single expenditure your company makes.
Just keep it within marges.

Alex August 26, 2020 1:16 PM

Reminds me of a story where someone was ordering cardboard boxes and getting random items delivered. Turns out the people selling those items were using the same cardboard boxes to pack them but did not cover or remove the barcode corresponding to the box, oops!

JonKnowsNothing August 26, 2020 1:45 PM

@Phaete

re

ps. WITTB is standard practice, you can’t expect everyone to have a receipt every time or be a sore pedantic SOB about every single expenditure your company makes.
Just keep it within marges.

Petty Cash is the place for odd off expenses.

If your company needs a WITTB account to balance their books, you better look for another place to work pdq, because unless there is an industry balancing account practice such as in Banking, it’s a source of fraud and if you are the IT Dudette, you are looking at long haul time inside, which atm is not a very good place to be unless you have already had all 3 variants of COVID-19(ABC).

Banking uses an ACH Balance System to book IN/OUT during the day and reconcile overnight. There is always something that falls out. There are (or were) specialists dedicated to finding out why it doesn’t add up to ZERO.

ex:
  A puts in 100 / B takes out 100 at end of day = even
  A puts in 100 / B puts in 100 end of day balance is +200 OK
  A puts in 100 / B puts in 75 end of day balance shows +200 this is gonna get a check

Loads of bank transit theft is based on timing of reconcile. The SWIFT network for ginormous sums of money in transit isn’t that secure anymore. Many schemes are based on IN/OUT/IN/OUT timing to avoid detection.

It all depends on the accepted Level of Materiality for not only a company but the accountants and bookkeepers and everyone up and down the chain of command, including IT and what is Legally Required, Permitted and Disclosed.

ht tps://en.wikipedia.org/wiki/Materiality_(auditing)

Materiality is a concept or convention within auditing and accounting relating to the importance/significance of an amount, transaction, or discrepancy…[what] is big enough to matter or small enough to be immaterial – depends upon factors such as the size of the organization’s revenues and expenses, and is ultimately a matter of professional judgment

ht tps://en.wikipedia.org/wiki/Enron_scandal

In addition, its complex business model and unethical practices required that the company use accounting limitations to misrepresent earnings and modify the balance sheet to indicate favorable performance

Phaete August 26, 2020 2:22 PM

JonKnowsNothing

If your company needs a WITTB account to balance their books, you better look for another place to work pdq

Please quote fully, as i said, within marges
(for me it’s less then a percent total expend, questions if above dot a percent)

I can show you that almost all off the quote 100 companies use this method for their public year sheets.
Which kind of invalidates your opinion of book keeping, quitting if you work for any of these Quote 100 companies.

No need to further explain some bloody obvious normal corporate processes.

JonKnowsNothing August 26, 2020 3:41 PM

@Phaete

re:

Which kind of invalidates your opinion of book keeping, quitting if you work for any of these Quote 100 companies.

I don’t think so…

ymmv clearly yours does.

echo August 26, 2020 7:48 PM

@Frank Wilhoit

The OP expresses an assumption — unstated, because deemed to be totally obvious — that “huge” implies “stupid”. Independently of whether commonplace experience validates that assumption, it is worth asking why it should be so. The answer has to do with Coase’s Ceiling, a very powerful concept that is not widely understood, but that explains the evident and non-evident dysfunction of [too-]large organizations, whether commercial, governmental, or academic.

There does seem to be a conceit among some circles to accuse another person or group of persons of “being stupid”. This is known as irony “the fifth fundamental force”.

In resultant scholarship using economic models of analysis, prominently including the Coase theorem, theoretical models demonstrated that, when transaction costs are minimized or nonexistent, the legal appropriation of liability diminishes in importance or disappears completely. In other words, parties will arrive at an economically efficient solution that may ignore the legal framework in place.

Oh, this is very much true. I have my issues with US jurisprudence and find the application of this theory on a causual reading off wiki at least to be problematic. There is the odd British judge including one in particular with a scientific background who tried to do science in court in cahoots with an expert witness and created utterly appalling case law everyoe their cat and dog went on to use and misuse. It was so bad both in science and law and opened the door to so many barroom experts and reactive tinpot gods it took the combination of three acts of parliament to overturn.

Unlike Hahnel and Sheeran, the economist Richard Thaler highlights the importance of behavioral economics in explaining the inability to effectively use the Coase Theorem in practice.

So a good theory but not in practice?

Frank Wilhoit August 27, 2020 8:12 AM

@echo :

Coase came up with lots of novel and powerful insights, but the one you cite is not the one I was thinking of.

Coase’s Ceiling, which (I think) is propounded in The Nature of the Firm, states that as organizations grow by adding more people, internal friction grows faster than the number of people, and there is a point (the ceiling) beyond which all of the effort that the organizational is capable of mustering goes to overcoming internal friction. The same is true of mechanical systems: friction is superlinear in the number of moving parts. This, for example, is why it is impossible to build a clock that would run for ten years on a winding, though it would be trivially easy to design such a thing on paper.

So far Coase: my point is that Coase’s Ceiling is lower, and much harder, than anyone thinks. It depends on management styles; notably, it can be pushed up if subunits of the organization (each one below the ceiling) are made effectively autonomous. Historical examples of that insight can be found, but none recent; today’s extremely-low-trust workplaces, even for the highly-educated professions, do not allow it.

echo August 27, 2020 10:11 AM

@Frank

I think the example you cite is better. I’ve vaguely discovered these things myself as large chunks of random learning came together.

I’m interested in “modes of reasoning” and various forms of irrationality and jitter and anxiety which flow from this because it seems responsible for a lot of transaction costs at atomic levels which then bloat hierarchies and add even more layers to resist catching “exceptions”.

C. Northcote Parkinson, Peter Drucker, and David Ogilvy would get nowhere today. Bertrand Russells essays on power and laziness would never make a ripple.

Frank Wilhoit August 27, 2020 12:05 PM

@echo,

This may tie back to the OP (or we may have gone off-topic entirely, who knows).

Low-trust workplaces arise from the fact that no one, at any level of the organization, including the C-suite, actually knows anything. Everyone is busking.

In such an environment, it is impossible to align responsibility and authority, because it is impossible to understand what responsibility actually is. If the business processes are only understood at a cargo-cult level, it is impossible to distinguish between major and minor threats to their integrity.

Now add in the fact (which is not at all widely known or grasped) that accounting rules penalize training.

Then add in the fact that environments of the kind that we are describing select for sociopathy.

I have an idea: let’s run everything like a business…!

j.c. August 27, 2020 5:36 PM

… disinfectant spray … toothbrushes costing $94.03 each, … a single bottle of designer perfume for $289.78. … plastic beard trimmers …

The modus operandi and the chosen products are characteristic of female crime, which is extraordinarily difficult to prosecute due to an endemic gender imbalance in the federal criminal justice system.

https://www.bop.gov/about/statistics/statistics_inmate_gender.jsp

… brothers allegedly tried to open new ones using fake names, different email addresses, and VPNs to obscure their identity.

These “brothers” have distinctly Jewish identities, and it is an extreme stretch of credibility in court to allege that they are going to such a great effort to conceal their dealing in items that tend to appeal to female vendors with a female clientele but are not otherwise illegal or difficult for anyone to obtain or possess.

Once again, ladies of various nationalities are on the lam, and Jewish men (like black men and men of certain other minority races) are being “picked up” for failing to tip their hats to them.

I don't always tell you, but when I do- I tell you what August 27, 2020 8:06 PM

@Bruce,

Not sure you’re comfortable with your platform being used by people like @j.c. to spew their nonsense.

j.c. August 27, 2020 9:56 PM

@ “I don’t always tell you, but when I do- I tell you what”

@Bruce,

Not sure you’re comfortable with your platform being used by people like @j.c. to spew their nonsense.

There’s a lot of nonsense being sold on the big sites, Amazon, eBay, PayPal, etc., with brick-and-mortar bookstores going out of business, and I myself have been victimized by identity theft and financial fraud, like many people. It’s up to the host and moderators to accept or reject comments, or choose whether or not to make them public. There’s a significant degree of hate and greed online and it’s not always entirely clear where it’s coming from.

Bong-Smoking Primitive Monkey-Brained Spook August 28, 2020 12:08 AM

@ j.c.:

and I myself have been victimized by identity theft and financial fraud

“Victimized”, my a**; you had it coming: Whisky Tango Foxtrot do you expect would happen when you post a picture of your drivers license on a public forum, @justina colmena? You didn’t happen to post along a picture of your credit card and security code, did you, Beehive!

1&1~=Umm August 28, 2020 12:31 AM

@Bong-Smoking:

Nice to see you are still “banging” along. I hope things are on the up for you.

You beat me to the punch on j.c. Or what ever hursuit podial raiment they are using as a crank handle these days.

Bong-Smoking Primitive Monkey-Brained Spook August 28, 2020 1:19 AM

@1&1~=Umm:

Nice to see you are still “banging” along.

Always 🙂

I hope things are on the up for you.

My lower limbs are having problems with visual receptors, though. Feet that stink twice as much…

1&1~=Umm August 28, 2020 1:40 AM

@Bong-Smoking:

“Feet that stink twice as much…”

Like cheese are twice as strong :-S

Mind you take care with the bong, after all as the film catchline almost has it,

‘I love the smell of burning foot-palm in the morning’

Bong-Smoking Primitive Monkey-Brained Spook August 28, 2020 1:55 AM

@1&1~=Umm:

I love the smell of burning foot-palm in the morning

Thanks! Victory sounds good &)
To sleep, perchance to Dream; eye, there’s the rub!

Jon August 29, 2020 5:42 PM

Oddly enough, automated ordering was one of the very first notices of the Y2K problem.

Canned tomatoes have a remarkably long shelf-life – so their expiration dates are far in the future. In the middle of the 1990s, suppliers started shipping canned tomatoes with expiration dates in the year 2000 – read as ’00’.

Automated grocery warehouse software read that as ‘1900’, declared the tomatoes long expired, and printed orders to the warehouse to throw them away. It’s a feature, that, so expired food doesn’t get shipped to an actual store (which does happen sometimes anyhow). And then, since all the canned tomatoes had been thrown away, thus inventory on hand for a fairly popular product was zero, so the software cheerfully re-ordered lots more canned tomatoes.

Which, of course, appeared with the ’00’ expiration date and were duly and promptly ordered thrown away. Around we go again.

It was eventually looked at by a tomato broker, who called up the grocery warehouse and said “What’s the deal with all these tomato orders?”

Jon

Autolykos October 23, 2020 3:35 AM

Nice illustration that intelligence and wisdom are two very different things. Those guys thought of a clever trick, stole millions with it, and noticed that their mark found out. And, like total fools, they try to continue with different tactics instead of taking the money and running, immediately.
They could have retired on a nice little island, and now they’ll get a federally sponsored holiday in a much less scenic location instead…

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.