An open database has revealed the identities of over 200,000 individuals who appear to be involved in Amazon fake product review schemes. 

There is an ongoing battle between the e-commerce giant and dubious sellers, worldwide, who wish to hamstring competitors and gain an edge by generating fake reviews for their products. 

This can include paying individuals to leave a glowing review or by offering free items in return for positive, public feedback. 

How they operate and stay under Amazon’s radar varies, but an open ElasticSearch server has exposed some of the inner workings of these schemes. 

On Thursday, Safety Detectives researchers revealed that the server, public and online, contained 7GB of data and over 13 million records appearing to be linked to a widespread fake review scam. 

It is not known who owns the server but there are indicators that the organization may originate from China due to messages written in Chinese, leaked during the incident. 

The database contained records involving roughly 200,000 – 250,000 users and Amazon marketplace vendors including user names, email addresses, PayPal addresses, links to Amazon profiles, and both WhatsApp and Telegram numbers, as well as records of direct messages between customers happy to provide fake reviews and traders willing to compensate them. 

According to the team, the leak may implicate  “more than 200,000 people in unethical activities.”

The database, and messages contained therein, revealed the tactics used by dubious sellers. One method is whereby vendors send a customer a link to the items or products they want 5-star reviews for, and the customer will then make a purchase. 

Several days after, the customer will leave a positive review and will send a message to the vendor, leading to payment via PayPal — which may be a ‘refund,’ while the item is kept for free. 

As refund payments are kept away from the Amazon platform, it is more difficult to detect fake, paid reviews. 


The open ElasticSearch server was discovered on March 1 but it has not been possible to identify the owner. However, the leak was noticed and the server was secured on March 6.

“The server could be owned by a third-party that reaches out to potential reviewers on behalf of the vendors [or] the server could also be owned by a large company with several subsidiaries, which would explain the presence of multiple vendors,” the researchers said. “What’s clear is that whoever owns the server could be subject to punishments from consumer protection laws, and whoever is paying for these fake reviews may face sanctions for breaking Amazon’s terms of service.”

Amazon’s community and review guidelines do not allow vendors to review their own products or offer a “financial reward, discount, free products, or other compensation” in return for positive reviews — and this includes through third-party organizations. However, as Amazon is a prominent online marketplace, it is likely that some vendors will continue to try and abuse review systems to bolster their revenue. 

“We want Amazon customers to shop with confidence knowing that the reviews they read are authentic and relevant,” an Amazon spokesperson commented. “We have clear policies for both reviewers and selling partners that prohibit abuse of our community features, and we suspend, ban, and take legal action against those who violate these policies.”

Previous and related coverage

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0