A grieving mother was left distraught by Amazon after a laptop bought to plan her child’s funeral disappeared in an alleged scam – despite the website claiming to protect the purchase with a one-time password.

  • jordanlund@lemmy.world
    link
    fedilink
    arrow-up
    25
    ·
    1 year ago

    Not sure what the “scam” here is. Are they saying the delivery person triggered the OTP and walked off with the pacakge?

    Seems like that would be a super easy problem for Amazon to fix.

    • Wermhatswormhat@lemmy.world
      link
      fedilink
      arrow-up
      32
      ·
      1 year ago

      I’m feeling the exact same way. This isn’t a scam as much as it is just plain theft. Amazon employees are stealing the packages plain and simple. And I also feel like Amazon doesn’t want to investigate itself and find out that they’ve hired thieves instead of employees.

      • andrewta@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        This is why I’m so glad I have the ability to go to my cell phone provider store and buy directly there( for cell phones), and best buy for most other electronics. If I have to order I have it sent to the store. Stolen in shipping? Not my problem. Again I’m glad I have that ability.

    • towerful@programming.dev
      link
      fedilink
      arrow-up
      8
      ·
      1 year ago

      Yeh, Driver should trigger OTP delivery.
      Recipient should get a text/app-notification with a “is the driver in front of you (physically in front of you, at your door)? Be aware of OTP scams” prompt.
      Then release the OTP code to the recipient.
      Driver types it in, and hands over the package.

      Equally, the driver-contact-customer SMS normally has a “your driver is trying to contact you. Please reply STOP to opt out” pre-message, before delivering the drivers message. This could include a “remember, OTP codes should be exchanged in person and not via SMS” warning.

      • IHeartBadCode@kbin.social
        link
        fedilink
        arrow-up
        11
        arrow-down
        1
        ·
        1 year ago

        OTPs only ensure that you “physically have” the thing that the OTP presents.

        UPS used to hand over a signature pad to collect a signature. Amazon’s OTP implementation should have an OTP that the customer enters into a pad that the driver hands over. The driver gets the pad back once the package is given to the customer. The package is then marked delivered when the driver enters their OTP into the pad.

        The entire point is that the delivery pad is the presentation of the OTP. The customer entering their OTP into the pad indicates they physically have the pad (not the product), the driver entering their OTP into the pad means they have recollected the pad (ideally in exchange for the parcel). The OTP only proves that someone physically holds the device that the OTP was entered on, it proves nothing else.

        No good OTP implementation has in it a point where the OTP is told to another person. Amazon’s OTP implementation is just flawed from the word start. I think more people would understand it if the whatever digit number was called something like “signature code”, in that the set of numbers constitutes the equal to a signature. You wouldn’t let someone, especially the driver themselves, sign for your package, so you shouldn’t tell the OTP to anyone, except those who you think should be able to sign for your package.

  • BombOmOm@lemmy.world
    link
    fedilink
    English
    arrow-up
    16
    arrow-down
    1
    ·
    1 year ago

    I’m not really sure how the OTP would prevent thefts, as demonstrated by this article.

    Another common way to do this is for drivers to deliver the box, take a picture to ‘prove’ it was delivered, then pick it back up.

  • eric3a@lemmy.world
    link
    fedilink
    arrow-up
    8
    arrow-down
    1
    ·
    1 year ago

    I just got an OTP package and all went well.

    If the problem is theft by drivers, then the OTP is counter productive as it alerts the driver that this particular package contains a high value item, so they can easily swap it or fool the system.

  • Zerlyna@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    38
    ·
    edit-2
    1 year ago

    If she had access to an electronic device to order the computer… why did she need to buy a laptop to write a eulogy? Go to the library and write it for free.

    • StereoTrespasser@lemmy.world
      link
      fedilink
      arrow-up
      56
      arrow-down
      3
      ·
      1 year ago

      It was a dense and difficult article to read, so it’s likely you missed the subject and the overall point that was being made. The article was not about how this woman should write a eulogy, or whether it’s preferred to write a eulogy using one of a variety of media, including a laptop, pen and paper, or dictation. Nor was it about why one may need to order a laptop even though one may already have access to the Internet and word processing software through other electronic devices. Rather, the article was about the laptop she ordered through Amazon being stolen by the person making the delivery. In other words, no matter what the reason was for buying the laptop, the laptop would have still been stolen. Does that help? I sure hope it does.

      • yo_scottie_oh@lemmy.ml
        link
        fedilink
        English
        arrow-up
        11
        arrow-down
        1
        ·
        1 year ago

        Well said. Honest question: Did you really type this up on your first try? It takes me like six to eight edits to get anywhere near this level of eloquence.