Amazon Plans to Record Keystrokes for Customer Service Workers

  • By Dawna M. Roberts
  • Aug 26, 2021

According to a leaked internal memo, Amazon is considering monitoring keystrokes for all its customer service representatives. 

What is Happening?

Sources claim that Amazon is suffering at the hands of its customer service team operating out of other countries. A leaked memo confirmed that the company is experiencing widespread data leak and illegal access of customer data by insiders. The online retail giant has resorted to the option of monitoring all keystrokes from customer service reps. 
Motherboard first received the sensitive memo and published a report about Amazon’s choice to monitor reps’ keystrokes. Amazon was quoted as saying, “We have a security gap as we don’t have a reliable mechanism for verifying that users are who they claim they are.”
Amazon elaborated that the area of most concern is employees who are working from home in India and the Philippines. The majority of the “data exfiltration risk” comes from those staffers. 
Threatpost explains more about the issue “Roommates of legitimate customer service reps curious to look up what famous people purchased from Amazon; hackers purchasing customer-service credentials; even the use of a USB Rubber Ducky to rapidly input keystrokes to gain access to systems, are all ways that attackers have abused Amazon data, according to the report.”

What is Being Done About the Problem?

Amazon is considering using BehavioSec, a company “which uses the aggregate data of a user’s mouse clicks and keystrokes to develop a profile of their typical behavior.” The tool monitors keystrokes, and then when the behavior of the primary individual changes, it identifies it as odd and alerts the client. 
“We are considering an option that will include capturing all keystrokes, and with this functionality turned on, we may not be able to deploy the off-the-shelf solution,” Amazon commented.
Experts agree that the company may even be downplaying the issue that there is a good chance that the problem is much worse than stated in the memo. 

Why is This Happening?

In an interview with Gaurav Banga, CEO of Balbix, Banga told Threatpost that the best security measure for any organization is employee managers who know who each employee is and what they are supposed to be doing. Unfortunately, the largely remote workforce has destroyed any control and security that was in place. Amazon is no exception. 

“You can’t see who’s an insider and who’s an outsider,” Banga said. “So, how do you compensate for not knowing who your employees are?”

“He said keystroke monitoring is the kind of security that remote employees will have to get used to in the future.”

Because cybercriminals are so adept at finding ways into the organization, behavioral profiling will have to become the solution. 
Threatpost explains, “Behavioral profiling is becoming increasingly important to be able to detect these threat actors, not just via user behaviors but anomalous patterns of behavior in connected devices.”

For example, “if a video-surveillance camera suddenly starts communicating with a malicious ransomware domain, that’s an obvious departure from regular behavior that should be investigated.”

Amazon Plans to Record Keystrokes for Customer Service Workers

Monitoring keystrokes is only the beginning. However, “This will be useful to detect devices that have already been compromised, particularly with many customer service agents now working from home with shared living quarters and poor physical security,” Threatpost shared.
Experts warn, however, that Amazon and other employers thinking about taking this drastic step should only monitor keystrokes and install behavioral profiling on company-owned devices, or they may open themselves up to lawsuits.
Some employees have balked at the coming security protocols. Cybersecurity professionals warn them “don’t use your work computer to do anything personal.”
Companies like Amazon have a lot at stake and must regain control over security practices, especially within their remote workforce. 
About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “A ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Clients’ Bank Data Exposed in Blackbaud Ransomware Attack

Blackbaud software was victim to a ransomware attack last May, and new information suggests that c ... Read More

Latest Articles

ChatGPT Suffered From a Major Data Breach Exposing its Subscribers

ChatGPT Suffered From a Major Data Breach Exposing its Subscribers

ChatGPT is OpenAi's chatbot designed to simulate conversations with other people. The tool utilizes a massive language model to produce realistic and believable responses for a conversation.

Weekly Cybersecurity Recap March 24

Weekly Cybersecurity Recap March 24

Cyber-attacks are a major problem that exposes millions of people to fraud on an annual basis. This week there were attacks on some truly massive organizations like the NBA and PayPal, as well as a cyber security company and a few medical companies.

Independent Living Systems LLC Gets Hacked, Exposing 4 Million Patients

Independent Living Systems LLC Gets Hacked, Exposing 4 Million Patients

Independent Living Systems LLC is a healthcare facility provider for the elderly, physically challenged, and impaired. The company establishes short-term healthcare facilities for those that need extra care.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an email address