Who’s behind these mysterious deliveries? California man showered with products he didn’t order


John DeFiore and Jan Roletto at their home in Woodside, California. The couple has received many packages addressed to a mysterious Mr Williams. — Bay Area News Group/TNS

Daniel Williams, come pick up your junk.

For more than six months, a parade of unsolicited Amazon packages – large and small, cheap and expensive, free or fraudulently billed – have arrived at John DeFiore’s rural Woodside home, addressed to a mysterious Mr Williams.

“It’s like the Twilight Zone,” said DeFiore, 61, an electrical engineer who is meticulous about his online shopping habits and credit card use.

“We don’t want any of this stuff,” he said. “It’s not ours. We have everything we need.”

Online shopping offers near-infinite choice and convenience. But it has also created a global gathering place for digital crooks, fraudsters and credit card thieves. Consumers’ only remedy – calling customer service – is its own journey through hell.

DeFiore’s drama started innocently enough, with the arrival of a simple envelope holding two tiny machine screws. He dismissed it as a simple address error.

“Oh, somebody just made a mistake,“ he thought. “Maybe there’s a new neighbour named Daniel Williams.” He found a Dan Williams in the nearby town of La Honda – but, nope, the screws weren’t his.

Nor did they belong to any of the nation’s other Daniel Williams, such as the doctor who performs hand surgery in Wisconsin, or the former defensive tackle who does diabetes education in Memphis. The name, apparently a pseudonym, was used by what Amazon calls “a bad actor”.

The screws were soon followed by solar panel cables, a gaming console and an attractive digital picture frame.

Then came a portable foot spa, with air bubbles, temperature control and massage rollers.

Next was a box of men’s flannel shirts, then, over time, more than 20 other random items. DeFiore and his wife, Jan, quit opening the packages and sent them straight back.

“It was just a minor annoyance,” requiring repeated calls to the postal service, UPS and Fed Ex for pickups, he said.

DeFiore loves problem-solving. As a child, he took apart home appliances and electronics to see how they worked. Now, as a field engineer specialising in personal electronics at Texas Instruments, he spends his days answering technical product questions, debugging circuits in a customer’s lab, writing application notes, doing schematic and layout reviews, and more.

But this perplexed him. “We couldn’t figure it out,” he said.

Then came a small sofa – and an alarming US$459 (RM2,195) charge on his Amazon Prime credit card. The sofa wasn’t listed anywhere on his Amazon account. But he was billed for it.

Suddenly, the puzzle became an ordeal.

DeFiore called his credit card company to reject the charge, but the company wanted proof that the sofa had been returned. Fed Ex didn’t have proof, because DeFiore was neither the shipper nor the recipient. DeFiore wasn’t in the computer system, so the pickup wasn’t documented.

To halt the steady stream of package deliveries, he called Amazon customer service. The company doesn’t provide any email addresses, so he first tried “Live Chat”, then Amazon’s overseas call center. Every conversation – where he recounted the surreal experience, repeating it each time his call was handed up the supervisory chain of command – was first met by bewilderment, then an assurance that it would be addressed.

“‘We’ll take care of it’,” he was told. “‘Don’t worry, we’ll fix this’.”

Meanwhile, the packages continued arriving. Fraudulent charges began showing up, as well.

DeFiore closed his Amazon account. He cancelled his credit card. Amazon finally confirmed, by email, that he hadn’t placed the orders and reported that the charges weren’t his. DeFiore couldn’t learn more – Amazon’s email had a “no reply” address – but that was enough to convince the bank to reverse the estimated US$1,000 (RM4,783) in wrongful charges, which included the sofa, pending review.

DeFiore changed all his passwords, and was issued a new credit card with “2-Factor Authentication”. Before it was even two days old, a new charge popped up.

“It’s bizarre. How did this Daniel Williams, or whoever is behind this, get our credit card? He’s not getting the packages – what’s he getting out of this?” asked DeFiore.

There’s a dark and complex world of online ecommerce scams, said Lou Covey, editor of Cyber Protection Magazine.

One scheme is called “brushing”, when dodgy sellers use online marketplaces like Amazon to submit fake orders to promote their own items. After putting in an order, the seller ships a low-quality product to an unwitting recipient. Once the item is received, the scammer posts a fake five-star review. With a higher ranking, more people will buy their products.

While companies like Amazon do not sell our personal information, they share it with third-party partners, said Covey. Unscrupulous vendors “may do whatever they want with that information, including selling it to anyone else”, said Covey.

Credit card numbers can be stolen by illegal “skimmers”, devices installed at gas station pumps, ATMs and other locations. Personal information may also be seized during a company’s privacy breach, then used by criminals to obtain a credit card in someone else’s name. If a computer is attacked by malicious software, or malware, a “keylogger” may be installed for surveillance of keystrokes, including credit card data. Even customer service centers may be a source if dishonest employees steal personal information.

“It’s really easy to get credit cards. People sell them online, 500 for US$200 (RM956),” said Covey. “That ‘Daniel Williams’ doesn’t exist,” he added. “And it could be more than one guy. It could be a crowd.”

If an imposter isn’t getting the packages, why does he bother?

He may be counting on DeFiore’s honesty. Every time a package is returned, Amazon offers a refund – and it may somehow be diverted into the imposter’s personal account. Even DeFiore’s “free” items may not have been truly free; the fraudster may have charged them to someone else’s credit card.

Amazon says it has found the “bad actor” that is sending the packages and has closed that account. No further details were shared.

“Amazon works hard to provide customers with a great experience and it’s our commitment to go above and beyond to make things right for customers,” said spokesman Tim Gillman.

First, check with friends and family to make sure it’s not a gift. Then, “if the customer confirms neither they, nor anyone they know, ordered the package, they should report it online by going to the Report Unwanted Package form.”

It’s been two weeks since the last package. Meanwhile, DeFiore is waiting, and watching his credit card. He worries that “Daniel Williams” will again gain access to his personal information, open a new Amazon account, and try again.

“It seems like an awfully complicated way to get money,” he said.

Technology has made scamming more sophisticated. How should you protect yourself? Here’s advice from Lou Covey, editor of Cyber Protection Magazine:

– Make sure you know who the vendor is. Do a little bit of research, rather than selecting just on price. “If you’ve never heard of them, that should be your first concern. When we walk through downtown San Francisco, we’re constantly aware of people around you. We don’t do that online.”

– “Amazon Prime” vendors are better vetted than others. The easiest way to find Prime vendors is to check the little box in the upper left hand corner of your screen that says “Prime only.” Amazon automatically clicks it off, so you have to click it on.

– Consider using “passkeys”, which are easier and more secure than passwords. They let you sign in to your Amazon account by using your face, fingerprint, or the PIN that you use to unlock your device.

– If you use passwords, change them every three months. Don’t repeat passwords or use the same password for every account. A “password manager” makes it easier to change them frequently, using a randomly generated code.

– Set up your bank account so it issues an alert every time your credit card or your bank card is used, so you’ll know as soon as a transaction happens.

– Credit unions provide better security than banks. To be sure, large banks are more numerous and convenient. But they are larger targets for hacking.

– Install antivirus software on your computer. Because the software is constantly running, it may slow down your machine. But it will fend off hackers who are trying to steal personal information.

You’ve gotten a package you didn’t order. A fraudulent charge shows up on your bill. How can you get better help from Customer Service? Amas Tenumah, author of the book Waiting For Service: An Insider’s Account Of Why Customer Service Is Broken, offers this advice:

– Don’t buy anything without first vetting a company’s customer service. Customer service is bad by design; it doesn’t generate revenue for a company. Because the most expensive service is delivered by a human, companies try to automate as much as possible. First you’ll meet a ChatBot, not a person. If you go to a LiveChat, you’ll get a human, but they may be juggling many other conversations at the same time. A one-on-one phone conversation with a real person, while less cost-effective for the company, is the best way for you to get a solution for a complicated problem.

– Customer service staffers are required to read from scripts and must follow policies and procedures. They may be disciplined if they can’t solve problems. So don’t wait for them to volunteer to send your problem up the chain of command – instead, you have to make a direct request. “Keep them on your side,” said Tenumah. “Say, ‘Hey, I know this isn’t your fault, but can you get me to a manager?’ They need permission to escalate.”

– Beware of sharing personal information, such as your full social security number, with customer service.

– If a manager can’t help, say you will continue to escalate until there is a solution. “No one wants an email from their boss,” said Tenumah. If you send an email to an executive, that can help – not because they’ll respond, but they’ll find someone who can.

– Use social media to publicise your problem. Companies monitor those platforms.

– Data shows that customer service centers get lower call volumes in the early morning or late evening. Call times are the lowest, on average, at 7am. Wait times are 70% shorter if you call before noon. Additionally, data shows that Wednesdays and Thursdays have the lowest average wait times; Mondays have the longest wait times. – The Mercury News/Tribune News Service

Follow us on our official WhatsApp channel for breaking news alerts and key updates!
   

Next In Tech News

Cyber attack on Italy's Foreign Ministry, airports claimed by pro-Russian hacker group
How to find your way around that updated Photos app
Video games can’t afford to look this good
Student in US who experienced 'deepest violation' from AI nudes speaks out
Landlords beware: Rent-shamers are calling out overpriced US listings online
Explainer-Why OpenAI plans transition to public benefit corporation
US adds 9th telcom to list of companies hacked by Chinese-backed Salt Typhoon cyberespionage
Biden administration proposes new cybersecurity rules to limit impact of healthcare data leaks
Hackers hijack a wide range of companies' Chrome extensions, experts say
OpenAI outlines new for-profit structure in bid to stay ahead in costly AI race

Others Also Read