A new scam tool could be taking aim at online merchants over the festive period.
Security vendor GFI software has reported a new crop of malware applications that could be used to trick merchants on Amazon.com.
Researcher Christopher Boyd outlined the tools in a posting to the blog of GFI subsidiary Sunbelt Software.
Boyd said that the attack tool is an HTML generator that creates fake receipts. Designed to look like authentic Amazon receipts, the tool allows a would-be attacker to enter information through a form.
The form then creates the phony receipt file with information such as an order number, item description and address information.
Potentially, a cyber criminal could use the artificial receipts to trick merchants into believing that an item was damaged or not delivered, leading the merchant to ship additional items or supply software licensing information.
Boyd noted that the attacks can be thwarted by merchants checking the receipt files with sales and payment records. As no purchase was ever made, the merchant would have no record of a sale or shipment.
"It's clear that sellers will need to keep their wits about them over the coming festive season as I can see this being a particularly popular scam for the time being," wrote Boyd.
"If a 'customer' seems a little peculiar, ensure you take a good look at their receipt. You probably don't want to have a Homer Simpson moment after you've sent three Playstations to their dropoff address."
RTX 280 Ti will come with 11GB of fast GDDR6 video RAM with a 352-bit memory bus offering 616Gbps
The scale of jobs lost to automation will be at least as large as those in the first three industrial revolutions
Latest Tesla news: Tesla stock price tanks amid reports of 'widening probe' by SEC and claims the base Model 3 loses money
SEC 'probe' takes its toll on Tesla as new research suggests that Tesla loses $6,000 on every $35,000 Model 3
10nm Cannon Lake Core i3-8121U CPUs make a rare outing with Intel's NUC mini PC