Amazon account hacked

Discussion in 'PC and I.T support/Advice posts' started by BTB 500, Oct 15, 2016.

  1. BTB 500

    BTB 500 MB Club Veteran

    Messages:
    18,555
    Joined:
    Aug 7, 2005
    Location:
    Berkshire
    Car:
    R129 SL500, W639 Vito 120, S203 C230
    Woke up to a series of emails this morning confirming that my Amazon account had been hacked and used to place an order at around 3AM. The perp had tried to get the vendor to deliver to a different address, which they refused to do. Then changed the email address on the account. Amazon detected something dodgy going on, changed the account password, reversed the email address change and deleted the order.

    Called the bank who confirmed the charge against my credit card (only £28!) which they were happy to refund, card cancelled and new one on the way. Old card deleted from Amazon and PayPal and new (different) strong passwords set on both.

    So it could have been much worse, but a bit of a pain nonetheless.

    How did they do it? My Amazon password was unique (i.e. not used for any other accounts) and I only ever logged in from my home PC (which I've confirmed today is virus and malware free). I've definitely not responded to any phishing emails or similar, and the account is only used by me.

    :dk:
     
  2. Dryce

    Dryce MB Club Veteran

    Messages:
    6,911
    Joined:
    May 17, 2006
    Car:
    ..
    Could you have you entered your login details into a spoof Amazon site at some point?

    If you entered details and got a login error and then the site switches to the real Amazon then you might have assumed that you misentered your password.
     
  3. KillerHERTZ

    KillerHERTZ Administrator Staff Member

    Messages:
    16,743
    Joined:
    May 21, 2003
    Location:
    Cambridge
    Car:
    CLS63 AMG
    ^ this, does anyone else in your family use the same account? Could your other half have clicked on a dodgy email? Do you use the same passwords across multiple sites?
     
  4. PobodY

    PobodY Hardcore MB Enthusiast

    Messages:
    2,523
    Joined:
    Aug 23, 2016
    Location:
    Stoke-on-Trent
    Car:
    CLK350 Sport, Nissan GTiR
    Maybe they got lucky? - The £28 was probably just to test whether they'd found a working account, then they got greedy and Amazon noticed and put a stop to it.
     
  5. John

    John MB Club Veteran

    Messages:
    11,710
    Joined:
    Mar 3, 2011
    Location:
    Daan Saaf
    Car:
    I wish.
    What did you use to ensure your computer is malware and virus-free?
     
  6. bob6600

    bob6600 MB Club Veteran

    Messages:
    5,452
    Joined:
    Jan 3, 2013
    Car:
    AUDI S8 V10, S210 E320 CDI (R.I.P.)
    Too much porn :)

    Was your password easy to guess and related to your username?

    Tbh it's probably fairly easily done these days, you may have just been unlucky
     
  7. Dec

    Dec Hardcore MB Enthusiast

    Messages:
    4,475
    Joined:
    Jul 28, 2004
    Car:
    C180,A.
  8. Dryce

    Dryce MB Club Veteran

    Messages:
    6,911
    Joined:
    May 17, 2006
    Car:
    ..
    Well that's clever.

    Enter your password into a third party webpage ?

    Duhhhhhhhh. :doh:
     
    2 people like this.
  9. Dec

    Dec Hardcore MB Enthusiast

    Messages:
    4,475
    Joined:
    Jul 28, 2004
    Car:
    C180,A.
    I was asking the OPs about the strength of his old password.

    Dec
     
    1 person likes this.
  10. OP
    OP
    BTB 500

    BTB 500 MB Club Veteran

    Messages:
    18,555
    Joined:
    Aug 7, 2005
    Location:
    Berkshire
    Car:
    R129 SL500, W639 Vito 120, S203 C230
    I agree a spoof site is the most likely explanation, but can't see how I'd have ended up on one. It's not like I would ever search for Amazon.co.uk :confused: If I type "am" into my browser (Chrome) it's the first link that comes up, and there are no dodgy ones below it.

    As mentioned the password wasn't used for any other sites, and it was never known by anyone else. It wasn't a super-strong string (e.g. including upper and lower case, numbers and special chars.), but it wasn't anything simple and guessable.

    I've got the latest version of Win10 Defender which is pretty reasonable, but also did a full scan with Malwarebytes.

    Latest twist is that I've now had an email saying the order has been dispatched ... despite there now being no record of it on my account, and the bank refunding me the card payment! What's interesting is that it's a camera mount for a multirotor (drone :rolleyes:), and I do fly those. I've never bought anything for them on Amazon though, and the mount is for a specific model and specific camera and I've never owned (or considered owning) either of them.

    To be on the safe side I also changed my email, eBay, PayPal, and Facebook passwords (all to different - strong - values ;)).
     
  11. PobodY

    PobodY Hardcore MB Enthusiast

    Messages:
    2,523
    Joined:
    Aug 23, 2016
    Location:
    Stoke-on-Trent
    Car:
    CLK350 Sport, Nissan GTiR
    It's not a wife or significant other buying a gift for you?

    Because the PayPal account it my name, I randomly get emails associated with purchases my wife has made. - Sometimes it's obvious what she's bought, but other times its just "Yum Cha trading company" so then I need to check that it's genuine with her.

    As she's got a Kindle, my wife maintains a separate Amazon account... or I'd probably see all her purchases on there too.
     
  12. markjay

    markjay MB Club Veteran

    Messages:
    23,318
    Joined:
    Jun 24, 2008
    Location:
    London
    Car:
    W204 C180 Executive SE 2013 Automatic / COMAND NTG4.7 and Morel speakers fitted by www.comand.co.uk
    The unknown element here is Amazon's own security. I.e., there is always the possibility that issue is not on your end.

    The fraudsters may have exploited an Amazon vulnerability. It's unlikely that Amazon will tell you that it was due to a problem with their system.... so you'll never know for sure.
     
  13. OP
    OP
    BTB 500

    BTB 500 MB Club Veteran

    Messages:
    18,555
    Joined:
    Aug 7, 2005
    Location:
    Berkshire
    Car:
    R129 SL500, W639 Vito 120, S203 C230
    Wife has completely separate accounts (on the computer, Amazon, Paypal, etc.).

    Yes it could possibly have been an issue at the Amazon end ... partly why I posted, in case anyone had experienced (or heard of) anything similar. They had my account account locked down pretty quickly (in less than 2 hours) after a single low-value purchase and an email address change. I know vendors etc. are hot on pattern recognition these days but that almost seems suspiciously fast?

    I looked back btw and have only made 2 purchases on Amazon this year, with the last one being 2 months ago.
     
    1 person likes this.
  14. GLK

    GLK Hardcore MB Enthusiast

    Messages:
    2,550
    Joined:
    Sep 20, 2014
    Location:
    Bozeat, Northants
    Car:
    A200 Sports Coupé C169
    Unless things changed - and I haven't check for at least a year - Amazon wasn't working with secure verification by Visa and MC (as in ignoring the facility), and didn't require CVV to setup a card, so I disabled One Click and removed my card details ... And I have a separate (normally empty) account and card, for online purchases from the likes of eBay, Amazon, AliExpress et al.

    With online transfers pretty much instantaneous nowadays, there's no need to risk one's main bank account ... Just my opinion of course.
     
  15. OP
    OP
    BTB 500

    BTB 500 MB Club Veteran

    Messages:
    18,555
    Joined:
    Aug 7, 2005
    Location:
    Berkshire
    Car:
    R129 SL500, W639 Vito 120, S203 C230
    Agree 100% I have a MasterCard with the credit limit set as low as they will allow, and I use that for anything 'risky' including 99% of online stuff. That's the card that was linked to my Amazon account, but given how rarely I buy there I won't be adding the new card details.
     
  16. flowrider99

    flowrider99 Hardcore MB Enthusiast

    Messages:
    2,560
    Joined:
    Aug 25, 2011
    Location:
    Hertfordshire
    Car:
    SL500
    A few weeks ago I had my bank account hacked and someone managed to withdraw 3 transactions of £3,800 in 2 days. The bank's checks did not trigger that anything was wrong and it was only spotted by me when i logged in a couple of days later. I have had no explanation on how the hackers got in, the bank just gave me advice on not divulging my log on details to anyone, which I have never done, ensure I have anti virus and anti malware on my PC, which I do, and to only access the account from a known safe source, which I also do. Anyone logging in to my account would need to know my 13 digit key-code, 8 digit password and 8 digit pass code, not likely. The bank has no idea how the hackers got in, so they tell me, which I find hugely worrying.
     
  17. OP
    OP
    BTB 500

    BTB 500 MB Club Veteran

    Messages:
    18,555
    Joined:
    Aug 7, 2005
    Location:
    Berkshire
    Car:
    R129 SL500, W639 Vito 120, S203 C230
    I'm paranoid enough not to use online banking at all.

    A few years back someone in Hull still managed to set up a direct debit for their broadband from one of my accounts though!
     
  18. DrFeelgood

    DrFeelgood MB Club Veteran

    Messages:
    8,306
    Joined:
    Nov 10, 2005
    Car:
    BMW
    Did you lose any money?
     
  19. Rory

    Rory MB Club Veteran

    Messages:
    7,265
    Joined:
    Mar 12, 2005
    Location:
    Cheshire, UK
    Car:
    C270CDi Estate (late 2004 facelift model)
    There's nothing that stops that from happening, hence the Direct Debit guarantee. All that's needed is the same information as on your cheques.

    It famously happened to Jeremy Clarkson when he published his bank account information in an article.
     
  20. Rory

    Rory MB Club Veteran

    Messages:
    7,265
    Joined:
    Mar 12, 2005
    Location:
    Cheshire, UK
    Car:
    C270CDi Estate (late 2004 facelift model)
    I had one card hacked/cloned or whatever three times before I stopped using it, yet no issues with the other three cards I continue to use. One of the fraudulent sets of transactions involved currency exchange in a bank and the purchase of flight tickets - things you'd think would be secure and traceable.

    The card company didn't seem to care less. Just credited back everything and sent me a form to sign confirmed they weren't my transactions. These have got to be inside jobs.
     

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.