Amazon account hacked

BTB 500

MB Club Veteran
SUPPORTER
Joined
Aug 7, 2005
Messages
19,325
Location
Berkshire
Car
R129 SL500, W639 Vito 120, S203 C230
Woke up to a series of emails this morning confirming that my Amazon account had been hacked and used to place an order at around 3AM. The perp had tried to get the vendor to deliver to a different address, which they refused to do. Then changed the email address on the account. Amazon detected something dodgy going on, changed the account password, reversed the email address change and deleted the order.

Called the bank who confirmed the charge against my credit card (only £28!) which they were happy to refund, card cancelled and new one on the way. Old card deleted from Amazon and PayPal and new (different) strong passwords set on both.

So it could have been much worse, but a bit of a pain nonetheless.

How did they do it? My Amazon password was unique (i.e. not used for any other accounts) and I only ever logged in from my home PC (which I've confirmed today is virus and malware free). I've definitely not responded to any phishing emails or similar, and the account is only used by me.

:dk:
 

Dryce

MB Enthusiast
Joined
May 17, 2006
Messages
7,998
Car
..
Could you have entered your login details into a spoof Amazon site at some point?

If you entered details and got a login error and then the site switches to the real Amazon then you might have assumed that you misentered your password.
 

KillerHERTZ

Administrator
Staff member
Joined
May 21, 2003
Messages
17,343
Location
Cambs
Car
CLS63 AMG
^ this, does anyone else in your family use the same account? Could your other half have clicked on a dodgy email? Do you use the same passwords across multiple sites?
 

PobodY

MB Enthusiast
Joined
Aug 23, 2016
Messages
2,535
Location
Stoke-on-Trent
Car
CLK350 Sport
Maybe they got lucky? - The £28 was probably just to test whether they'd found a working account, then they got greedy and Amazon noticed and put a stop to it.
 

John

Hardcore MB Enthusiast
SUPPORTER
Joined
Mar 3, 2011
Messages
12,733
Location
Daan Saaf
Car
W222 S500L
What did you use to ensure your computer is malware and virus-free?
 

bob6600

MB Enthusiast
SUPPORTER
Joined
Jan 3, 2013
Messages
6,303
Car
AUDI S8 V10, S210 E320 CDI (R.I.P.)
Too much porn :)

Was your password easy to guess and related to your username?

Tbh it's probably fairly easily done these days, you may have just been unlucky
 

Dec

MB Enthusiast
Joined
Jul 28, 2004
Messages
4,475
Car
C180,A.
Woke up to a series of emails this morning confirming that my Amazon account had been hacked and used to place an order at around 3AM. The perp had tried to get the vendor to deliver to a different address, which they refused to do. Then changed the email address on the account. Amazon detected something dodgy going on, changed the account password, reversed the email address change and deleted the order.

Called the bank who confirmed the charge against my credit card (only £28!) which they were happy to refund, card cancelled and new one on the way. Old card deleted from Amazon and PayPal and new (different) strong passwords set on both.

So it could have been much worse, but a bit of a pain nonetheless.

How did they do it? My Amazon password was unique (i.e. not used for any other accounts) and I only ever logged in from my home PC (which I've confirmed today is virus and malware free). I've definitely not responded to any phishing emails or similar, and the account is only used by me.

:dk:
I was asking the OP about the strength of his old password.

Dec
 
BTB 500

I agree a spoof site is the most likely explanation, but can't see how I'd have ended up on one. It's not like I would ever search for Amazon.co.uk :confused: If I type "am" into my browser (Chrome) it's the first link that comes up, and there are no dodgy ones below it.

As mentioned the password wasn't used for any other sites, and it was never known by anyone else. It wasn't a super-strong string (e.g. including upper and lower case, numbers and special chars.), but it wasn't anything simple and guessable.

I've got the latest version of Win10 Defender which is pretty reasonable, but also did a full scan with Malwarebytes.

Latest twist is that I've now had an email saying the order has been dispatched ... despite there now being no record of it on my account, and the bank refunding me the card payment! What's interesting is that it's a camera mount for a multirotor (drone :rolleyes:), and I do fly those. I've never bought anything for them on Amazon though, and the mount is for a specific model and specific camera and I've never owned (or considered owning) either of them.

To be on the safe side I also changed my email, eBay, PayPal, and Facebook passwords (all to different - strong - values ;)).
 

PobodY

It's not a wife or significant other buying a gift for you?

Because the PayPal account is in my name, I randomly get emails associated with purchases my wife has made. - Sometimes it's obvious what she's bought, but other times it's just "Yum Cha trading company" so then I need to check that it's genuine with her.

As she's got a Kindle, my wife maintains a separate Amazon account... or I'd probably see all her purchases on there too.
 

markjay

MB Master
SUPPORTER
Joined
Jun 24, 2008
Messages
29,037
Location
London
Car
W204 C180 Executive SE 2013 Automatic / COMAND NTG4.7 and Morel speakers fitted by www.comand.co.uk
The unknown element here is Amazon's own security. I.e., there is always the possibility that the issue is not on your end.

The fraudsters may have exploited an Amazon vulnerability. It's unlikely that Amazon will tell you that it was due to a problem with their system.... so you'll never know for sure.
 
BTB 500

Wife has completely separate accounts (on the computer, Amazon, Paypal, etc.).

Yes it could possibly have been an issue at the Amazon end ... partly why I posted, in case anyone had experienced (or heard of) anything similar. They had my account locked down pretty quickly (in less than 2 hours) after a single low-value purchase and an email address change. I know vendors etc. are hot on pattern recognition these days but that almost seems suspiciously fast?

I looked back btw and have only made 2 purchases on Amazon this year, with the last one being 2 months ago.
 

GLK

MB Enthusiast
SUPPORTER
Joined
Sep 20, 2014
Messages
2,751
Location
Bozeat, Northants
Car
A200 Sports Coupé C169 & smart EQ fortwo 2020 Prime Exclusive
Unless things changed - and I haven't checked for at least a year - Amazon wasn't working with secure verification by Visa and MC (as in ignoring the facility), and didn't require CVV to set up a card, so I disabled One Click and removed my card details ... And I have a separate (normally empty) account and card, for online purchases from the likes of eBay, Amazon, AliExpress et al.

With online transfers pretty much instantaneous nowadays, there's no need to risk one's main bank account ... Just my opinion of course.
 
BTB 500

With online transfers pretty much instantaneous nowadays, there's no need to risk one's main bank account ... Just my opinion of course.
Agree 100% I have a MasterCard with the credit limit set as low as they will allow, and I use that for anything 'risky' including 99% of online stuff. That's the card that was linked to my Amazon account, but given how rarely I buy there I won't be adding the new card details.
 

flowrider

MB Enthusiast
SUPPORTER
Joined
Aug 25, 2011
Messages
3,275
Location
Hertfordshire
Car
SL500 (R230) / Audi S5
A few weeks ago I had my bank account hacked and someone managed to withdraw 3 transactions of £3,800 in 2 days. The bank's checks did not trigger that anything was wrong and it was only spotted by me when I logged in a couple of days later. I have had no explanation on how the hackers got in, the bank just gave me advice on not divulging my log on details to anyone, which I have never done, ensure I have anti virus and anti malware on my PC, which I do, and to only access the account from a known safe source, which I also do. Anyone logging in to my account would need to know my 13 digit key-code, 8 digit password and 8 digit pass code, not likely. The bank has no idea how the hackers got in, so they tell me, which I find hugely worrying.
 
BTB 500

I'm paranoid enough not to use online banking at all.

A few years back someone in Hull still managed to set up a direct debit for their broadband from one of my accounts though!
 
Deleted member 6183

Guest
A few weeks ago I had my bank account hacked and someone managed to withdraw 3 transactions of £3,800 in 2 days. The bank's checks did not trigger that anything was wrong and it was only spotted by me when I logged in a couple of days later. I have had no explanation on how the hackers got in, the bank just gave me advice on not divulging my log on details to anyone, which I have never done, ensure I have anti virus and anti malware on my PC, which I do, and to only access the account from a known safe source, which I also do. Anyone logging in to my account would need to know my 13 digit key-code, 8 digit password and 8 digit pass code, not likely. The bank has no idea how the hackers got in, so they tell me, which I find hugely worrying.
Did you lose any money?
 

Rory

MB Enthusiast
SUPPORTER
Joined
Mar 12, 2005
Messages
7,361
Location
Cheshire, UK
Car
C270CDi Estate (late 2004 facelift model)
A few years back someone in Hull still managed to set up a direct debit for their broadband from one of my accounts though!
There's nothing that stops that from happening, hence the Direct Debit guarantee. All that's needed is the same information as on your cheques.

It famously happened to Jeremy Clarkson when he published his bank account information in an article.
 

Rory

Agree 100% I have a MasterCard with the credit limit set as low as they will allow, and I use that for anything 'risky' including 99% of online stuff. That's the card that was linked to my Amazon account, but given how rarely I buy there I won't be adding the new card details.
I had one card hacked/cloned or whatever three times before I stopped using it, yet no issues with the other three cards I continue to use. One of the fraudulent sets of transactions involved currency exchange in a bank and the purchase of flight tickets - things you'd think would be secure and traceable.

The card company didn't seem to care less. Just credited back everything and sent me a form to sign confirming they weren't my transactions. These have got to be inside jobs.
 
