Buyers Beware - Stolen Parcel, Be Careful with Expensive Purchases at Amazon

User102430 on 30/05/2024 - 11:43
Last edited 30/05/2024 - 11:43

TLDR: Amazon sends expensive parcels with delivery protected by one time passwords. The system is flawed and can be internally circumvented. If that happens and your parcel is stolen, Amazon is likely to make issues with refund.

After 100+ successful deliveries from Amazon (typically low value, daily use items), decided to use them to get a new, expensive laptop. Amazon promised to deliver it on the same day by 10pm, great. At 5.36pm I get one time password, great. I’m at home from 6.15pm, awaiting delivery. Silence, nothing happens, after 9pm I check email, “Your parcel has been delivered 8.52pm”. What the….? Immediately, something doesn’t feel right. Parcel nowhere to be found. Contacted Amazon – “you just confirmed delivery with your one time password, there’s nothing we can do”. Raising a new case again “You must have shared password, check with your neighbours. Thanks for shopping with us”. Feels like few grand almost lost, but I keep pushing.

Two things that saved me in this case. First, I live in high security building with several cameras, revisited 1 hour window with security and made them send me email confirming there was no couriers at all in the indicated delivery time. Two, I have years of professional experience in tech industry, I know how to handle passwords, there’s next to zero chance for me to share/lose/misuse it.

Having strong evidence at my disposal, I don’t give up and finally get positive response. Amazon’s “Executive Relations” team contact me and issue a refund. I don’t believe I’d win this case if circumstances were different and quick search confirms it. Plenty of evidence I’m not the only person scammed and there many who claim having similar problems. IMO, their delivery process is clearly flawed, and Amazon uses “we have record you confirmed delivery with password, there’s nothing we can do” to defend their position. Read more about it on Forbes, for example: https://www.forbes.com/sites/barrycollins/2024/02/03/amazons…

Draw your own conclusions. After all these years of successful deliveries, I'm both disappoint and concerned, and I don't think I’ll risk ordering expensive items from Amazon again.

General Discussion

Related Stores

Amazon AU
Amazon AU
Marketplace

Comments

  • kiitos on 30/05/2024 - 11:57

    So in some cases you use a one time password for deliveries to your home (as opposite to parcel locker)?

    What determines when it's used?

    • CrispyChrispy on 30/05/2024 - 12:00
      +2

      From the article OP listed:

      The OTP system requires customers to give couriers a six-digit code before expensive items are handed over by the courier to the customer.

      When an order for an expensive item is placed, Amazon sends a text message to the customer with a six-digit code. The customer must provide that code to the Amazon courier at the point of delivery to ensure that the parcel reaches the correct customer.

  • Balljuice on 30/05/2024 - 12:00
    +6

    I've never experienced this code process, but I've had ~$600 items delivered from Amazon US and they just leave them at the front door in the weather and in clear view. Seems like their policy is 'buyer beware'. Their cheap and fast delivery has to have some risk / drawbacks I guess…not good enough.

  • Pelicannn on 30/05/2024 - 12:06
    +6

    So the courier is stealing the item by saying they provided the code? Surely the code needs to be entered by the courier as well on their little signing device and they shouldn’t just have it.

    • User102430 on 30/05/2024 - 12:43
      +5

      Correct, in theory at least. Forbes article suggests there's a way for couriers to bypass OTP requirement by providing the last two digits of your phone number. Couriers shouldn't have access to it, however there are two, at least, possibilities:
      - they have access to your personal data from various stolen data leaks like Floptus, and they basically match your name/address with the phone number
      - there's insiders job - Amazon, after all, has your complete contact details, including phone number, and possibly the courier worked with someone who has access to get it

      • skid on 30/05/2024 - 13:28
        +1

        I've been called up a couple times by the Amazon driver - I thought my number was printed on the package or viewable from the app that the driver has?

        Can't think of a reason why a bypass would be required.

        • randomusername2017 on 30/05/2024 - 13:32

          Can't think of a reason why a bypass would be required.

          Majority of customers aren't even aware there is a password required nor where to find it… much easier to get their mobile number.

  • randomusername2017 on 30/05/2024 - 12:07

    Any chance you had a missed call?

    • User102430 on 30/05/2024 - 12:47
      +2

      Nope, no calls at all. Saved the call log, plus wanted to get details from the phone provider if needed, to prove there were no incoming calls that evening. In addition, Amazon's email with OTP warns, of course:

      "Do not communicate this password or your phone number to the driver over phone or intercom", but that kind of obvious.

      However, "don't communicate your phone number"…. IMO confirms weakness that Forbes reported that they use it as a backup to bypass OTP requirement, ignoring the fact tons of personal data is available on darknet due to various leaks, like Optus one etc.

      • randomusername2017 on 30/05/2024 - 13:03
        +1

        Hard to plan given the random nature of despatch.
        Last two digits of your mobile is the backup method… Obtained via voicemail or customer delivery notes.
        To mark as delivered they must have been within 20 metres of address, no other way to close it out.

        • User102430 on 30/05/2024 - 14:03

          Good to know about 20m requirement. GPS spoofing? I see people doing it here for simple things like cheap 7/11 petrol, should be easy enough for delivery.

          Alternatively, it's a large complex, would have been trivial to park outside, beyond camera reach.
          Security checked recordings from the visitors car park etc. no one arrived at the time, one or two food deliveries only.

          • randomusername2017 on 30/05/2024 - 14:20
            +1

            @User102430: If you've regularly had deliveries to that address it would be pinned fairly close to wherever they're normally left.

            GPS spoofing is not really possible with the current app… was previously.

            Bigger issue is marked as delivered with OTP …no photo required and assumed handover to customer…. more margin for error with third party last mile like dragonfly or fastway.

    • Clear on 30/05/2024 - 14:35
      +5

      Since when are we able to go to Amazon and shop instore?

  • boxall on 30/05/2024 - 12:31
    +10

    I wrote to them about the flaw in passwords as well. My delivery person SMSed me for the password an hour BEFORE they arrived. It should be in person only!

    • jv on 30/05/2024 - 12:44
      +4

      My delivery person SMSed me for the password an hour BEFORE they arrived.

      I'd reply back that the code is under the door mat.

    • garetz on 30/05/2024 - 12:58

      Did you provide it ? of course you shouldn't until the item is in your hands.

      • boxall on 30/05/2024 - 18:02
        +3

        I did and then panicked. Just stupid to do, but no issues in the end. I did make a complaint to Amazon though. $700 Mini PC as well.

  • JimmyF on 30/05/2024 - 13:06
    +4

    From the article linked above

    The reader claimed that in cases when the customer is unable to provide an OTP, courier drivers can instead use digits from the customer’s cell phone number as proof of identity.

    While I get Amazon doesn't like repeat deliveries as that costs money, what is the point of a OTP password if the package is going to be left anyhow if bypassed by a simple thing like their mobile number!?

    Seems like a flawed system open for abuse!

    • randomusername2017 on 30/05/2024 - 13:18
      +1

      bypassed by a simple thing like their mobile number!?

      How would the driver get access to the phone number?

      • User102430 on 30/05/2024 - 13:59

        My speculation, as above:
        - they have access to your personal data from various stolen data leaks like Floptus, and they basically match your name/address with the phone number
        - there's insiders job - Amazon, after all, has your complete contact details, including phone number, and possibly the courier worked with someone who has access to get it

      • enthusiast on 30/05/2024 - 14:17
        +1

        How would the driver get access to the phone number?

        Just checked an Amazon box here (delivered by Australia Post) and my phone number is on the label! I use a VoIP number though when dealing with companies, rather than my mobile.

        • randomusername2017 on 30/05/2024 - 14:24
          +1

          Amazon labels don't usually have phone numbers, especially OTP deliveries… number is whatever is listed on your Amazon account (land or mobile) last 2 digits.

    • User102430 on 30/05/2024 - 14:00
      +1

      Seems like a flawed system open for abuse!

      Precisely, it's just the worst and most nonsensical OTP implementation I've seen.
      Plus, they use it as an excuse - not in my case, luckily but many others - to refuse any compensation claims.

  • star-ggg on 30/05/2024 - 13:17
    +2

    Sounds like the issue is with Amazon farming their delivery service out to independent contractors

  • Sye on 30/05/2024 - 13:23
    +1

    Interesting to know that doing Amazon deliveries has fringe benefits. I might have to sign up and start doing deliveries. How many deliveries do I have to do until I get the free laptop?
    /$

  • uncompressed on 30/05/2024 - 13:43

    That's weird. I've had multiple deliveries all require OTP and on days when I was not around to provide the code, or missed the call from the delivery guy, they had to re-organise a delivery and send a new code.

    • User102430 on 30/05/2024 - 13:57
      +1

      Makes sense, I would never say all their couriers are thieves, probably majority is honest…. but some clearly are stealing stuff

  • ihbh on 30/05/2024 - 13:48

    How did the delivery guy know it was an exy laptop? Did Amazon send it in the manufacturer's box only?

    • skid on 30/05/2024 - 13:58
      +1

      My last Amazon AU purchase of a PC component was shrink wrapped with a packing label stuck on it. The Amazon US purchase (of a motherboard) was still in an Amazon box with no padding.

    • User102430 on 30/05/2024 - 13:58
      +2

      Possible. If it was in a box, it's not hard to guess what's inside, if you have some experience: size, weight, same day delivery plus it requires OTP? Also possible, it was a joint operation, where courier had someone else to assist and provide specifications, with better system access and data

    • bamzero on 31/05/2024 - 10:51
      +1

      Well, if it's a delivery that requires a OTP it's something expensive. Does it really matter to them whats inside?

  • FoxJump on 30/05/2024 - 13:58

    lucky my 4x 8tb ssds came through okay! phew.

  • bazingaa on 30/05/2024 - 14:01

    I had to use codes twice for a telescope and some other thing, there were no issues though

    • Muzeeb on 30/05/2024 - 14:34
      +5

      That is astronomical.

  • djkelly69 on 30/05/2024 - 14:21
    +3

    Not quite related as it doesn't involve an OTP, but the most expensive thing I have ordered from Amazon by a long way (Quest 3) was the only item I have ever received that was completely the wrong item. It contained two or three cheap plastic trays for putting soft drink cans or something in.

    Luckily the box felt too light when I picked it up, so I filmed myself opening it. Managed to get an actual Quest 3 delivered quite quickly and with surprisingly little push back (don't think I even needed the video footage, maybe just a couple of photos showing what was in it).

    Definitely seemed suspect.

  • PissLUR on 30/05/2024 - 14:26
    +2

    they used the last 3 digits of your mobile.

  • iCandy on 31/05/2024 - 08:22
    +2

    The Amazon courier who delivers to me throws my parcels on top of our letterboxes, available to anyone living inside the complex or anyone passing by outside. I’ve also had expensive items go missing - eg an 18 year old bottle of single malt Scotch that “smashed” apparently. It’s always the expensive items that go missing or get smashed. I’ve given up on Amazon now because of the delivery issues and the fact the Chinese have infiltrated it and sell their fakes on there masquerading as the real deal.

  • reactor-au on 31/05/2024 - 08:32
    +1

    I haven't had any issues with otp deliveries, seem to get them for certain categories of items or items over a certain value under $100. Who knows.
    Stupid flaw though.

    I always imagined that a contractorb would be black marked if x% of deliveries had reported issues.

  • jaejae69 on 31/05/2024 - 10:27

    Amazon customer service is very hit or miss. Last month I had a delivery scheduled on two separate occasions and on both days no one came to deliver. Eventually they told me it was lost and the best they can do is a refund. I requested the customary $5/$10 account credit for wasting my time waiting for a delivery. The rep gave me every BS excuse under the sun why she couldn't do that. I then requested a supervisor call back, said supervisor tried to give me the same BS before "oh actually I can see an option to apply the credit now".

    Another occasion a couple of weeks ago I bought a used copy of a game and the copy that got shipped to me was a Japanese version, not Aussie. Called up and the rep immediately offered me a full refund and told me not to even send back the game.

  • ton1 on 31/05/2024 - 22:24
    +1

    Just use local drop off easy free. Especially for expensive stuff

  • User0001 on 01/06/2024 - 00:00

    Use a parcel locker or your nearest post office. They're both free and you'll never lose a parcel/package.

Login or Join to leave a comment
Login Join