Unusual amazon account activity

Sep 3rd, 2020 7:26 am

#1

headleygrange [OP]: Deal Addict; Apr 13, 2017; 2771 posts; 1314 upvotes; GTA

Sep 3rd, 2020 7:26 am

Few weeks ago, got an email that mobile number has been deleted from amazon uk account (I never signed up for amazon uk). One more email that there was a sign in attempt from Washington DC.

Reset my password, removed my payment methods.

Yesterday got email that there was an order placed from my amazon.ca account , followed by email that my account has been locked and that I would need to reset my password.

Checked my account- no orders, charges to my credit card etc (I had removed all my credit cards).

Anyone also had similar unusual activity? I’m pretty much done with amazon. I set a super strong password and have 2 factor authentication, but still hacked.

Share:

Sep 3rd, 2020 7:59 am

#2

engineered: Deal Expert; Feb 11, 2007; 18693 posts; 21366 upvotes; GTA

Sep 3rd, 2020 7:59 am

Are you sure those emails are actually from Amazon and not phishing emails?

If the women don't find you handsome, they should at least find you handy.

+10

Sep 3rd, 2020 8:25 am

#3

tew: Deal Addict; Jun 13, 2010; 4978 posts; 5717 upvotes; GTA

Sep 3rd, 2020 8:25 am

engineered wrote: ↑ Are you sure those emails are actually from Amazon and not phishing emails?

This. Has nothing to do with your Amazon account, they just want you to click on the link in the email. I've have "payment failed" emails from "Netflix" to an email I didn't use for Netflix, Paypal problem emails and I don't use Paypal. I even had messages for problems with my account from banks I've never used.

+5

Sep 3rd, 2020 9:56 am

#4

mindabsence: Deal Addict; Nov 23, 2004; 1033 posts; 1844 upvotes; Ontario

Sep 3rd, 2020 9:56 am

You've been phished my friend.

Anywhere else you use that email or password I would also be going and resetting because they now have that particular email+password combination known, and likely also being published/sold among all sorts of illegitimate groups out there now too.

+1

Sep 3rd, 2020 10:00 am

#5

headleygrange [OP]: Deal Addict; Apr 13, 2017; 2771 posts; 1314 upvotes; GTA

Sep 3rd, 2020 10:00 am

Not phishing. They are legit amazon emails. I used unique password for amazon that was never used elsewhere.

Sep 3rd, 2020 10:45 am

#6

tew: Deal Addict; Jun 13, 2010; 4978 posts; 5717 upvotes; GTA

Sep 3rd, 2020 10:45 am

headleygrange wrote: ↑ Not phishing. They are legit amazon emails. I used unique password for amazon that was never used elsewhere.

How can they be legit if you never signed up for the UK? Call Amazon, they will tell you if they are real or not.

+1

Sep 3rd, 2020 11:42 am

#7

headleygrange [OP]: Deal Addict; Apr 13, 2017; 2771 posts; 1314 upvotes; GTA

Sep 3rd, 2020 11:42 am

Called amazon. Apparently, someone hacked my account, added a payment information (not my card) and sent a package to my address.

Weird.

Anyways, they canceled order, payment method etc. I had 2 factor authentication set always on, but somehow they were able to skip that.

+1

Sep 3rd, 2020 11:51 am

#8

Jaytee: Deal Fanatic; Jul 7, 2003; 7351 posts; 2343 upvotes; T dot 6

Sep 3rd, 2020 11:51 am

headleygrange wrote: ↑ I had 2 factor authentication set always on

Thanks, I didnt even realized amazon.ca supported 2FA

stubhub and clearly.ca suck, like really suck

Sep 3rd, 2020 11:52 am

#9

Jaytee: Deal Fanatic; Jul 7, 2003; 7351 posts; 2343 upvotes; T dot 6

Sep 3rd, 2020 11:52 am

headleygrange wrote: ↑ I had 2 factor authentication set always on, but somehow they were able to skip that.

Im curious, did you use SMS or Authenicator app for 2FA?

I read SMS is not a secure method for 2FA, its better then no 2FA but phone numbers can be spoofed.

stubhub and clearly.ca suck, like really suck

Sep 3rd, 2020 11:57 am

#10

headleygrange [OP]: Deal Addict; Apr 13, 2017; 2771 posts; 1314 upvotes; GTA

Sep 3rd, 2020 11:57 am

Jaytee wrote: ↑ Im curious, did you use SMS or Authenicator app for 2FA?

I read SMS is not a secure method for 2FA, its better then no 2FA but phone numbers can be spoofed.

SMS.

Sep 3rd, 2020 11:57 am

#11

tew: Deal Addict; Jun 13, 2010; 4978 posts; 5717 upvotes; GTA

Sep 3rd, 2020 11:57 am

headleygrange wrote: ↑ Called amazon. Apparently, someone hacked my account, added a payment information (not my card) and sent a package to my address.

Weird.

Anyways, they canceled order, payment method etc. I had 2 factor authentication set always on, but somehow they were able to skip that.

Weird. Don't see what the hacker gets out of it shipping something to your address.

Sep 3rd, 2020 12:23 pm

#12

Jucius Maximus: Deal Expert; Aug 18, 2005; 20880 posts; 5455 upvotes; Burlington-Hamilton

Sep 3rd, 2020 12:23 pm

This kind of thing is why I create a unique e-mail for each service I use. It's a hassle to set up, but you can shoot down scam attempt really fast.

+2

Sep 3rd, 2020 2:04 pm

#13

BobSagget: Deal Expert; Jan 17, 2009; 20779 posts; 31106 upvotes; ONTARIO

Sep 3rd, 2020 2:04 pm

Jaytee wrote: ↑ Thanks, I didnt even realized amazon.ca supported 2FA

I use the Google Authenticator app as my 2FA on Amazon and it works great.
I wish every website would add support for this! Especially banking websites like TD.

+2

Sep 3rd, 2020 2:11 pm

#14

sudesingh: Sr. Member; Sep 24, 2004; 946 posts; 562 upvotes; Scarborough

Sep 3rd, 2020 2:11 pm

BobSagget wrote: ↑ I use the Google Authenticator app as my 2FA on Amazon and it works great.
I wish every website would add support for this! Especially banking websites like TD.

Didn't know Amazon supported Google Authenticator.

Thanks for the tip.

Sep 3rd, 2020 2:19 pm

#15

Jucius Maximus: Deal Expert; Aug 18, 2005; 20880 posts; 5455 upvotes; Burlington-Hamilton

Sep 3rd, 2020 2:19 pm

BobSagget wrote: ↑ I use the Google Authenticator app as my 2FA on Amazon and it works great.
I wish every website would add support for this! Especially banking websites like TD.

Has amazon updated now so that you can exclusively use Google Authenticator, etc., without having a phone number backup?

This is the whole reason I didn't enable 2FA on Amazon. I don't want my phone provider the be the weakest link.

- casual gastronomist -

Sep 3rd, 2020 2:22 pm

#16

headleygrange [OP]: Deal Addict; Apr 13, 2017; 2771 posts; 1314 upvotes; GTA

Sep 3rd, 2020 2:22 pm

So, only keep the authenticator app, but not use any backup method ?

Sep 3rd, 2020 2:23 pm

#17

BobSagget: Deal Expert; Jan 17, 2009; 20779 posts; 31106 upvotes; ONTARIO

Sep 3rd, 2020 2:23 pm

Jucius Maximus wrote: ↑ Has amazon updated now so that you can exclusively use Google Authenticator, etc., without having a phone number backup?

This is the whole reason I didn't enable 2FA on Amazon. I don't want my phone provider the be the weakest link.

yes, I think so. It's been a few months now since I set it up but I don't remember needing any phone number backup when I enabled it.

Sep 3rd, 2020 2:26 pm

#18

BobSagget: Deal Expert; Jan 17, 2009; 20779 posts; 31106 upvotes; ONTARIO

Sep 3rd, 2020 2:26 pm

Jucius Maximus wrote: ↑ Has amazon updated now so that you can exclusively use Google Authenticator, etc., without having a phone number backup?

This is the whole reason I didn't enable 2FA on Amazon. I don't want my phone provider the be the weakest link.

Yes, I just verified again that a phone number backup is not required.

+1

Sep 3rd, 2020 3:10 pm

#19

Jucius Maximus: Deal Expert; Aug 18, 2005; 20880 posts; 5455 upvotes; Burlington-Hamilton

Sep 3rd, 2020 3:10 pm

BobSagget wrote: ↑ yes, I think so. It's been a few months now since I set it up but I don't remember needing any phone number backup when I enabled it.

You're right. Thanks, I have it set up now!!

headleygrange wrote: ↑So, only keep the authenticator app, but not use any backup method ?

That's what I do. But it's dicey. You have to be confident in your own ability to recover from data loss and phone loss.
A good way to do this is to save all of those 2FA QR codes into an encrypted password manager.
And you should be doubly sure you regularly back up that password manager's database. Otherwise you could be in for a big headache if you experience data loss.

- casual gastronomist -

Unusual amazon account activity

Unusual amazon account activity

Thread Information

Trending Hot Deals