A member asked for our help when a fraudster hacked into their email and Amazon account, and racked up a £4k bill…
The member, who asked to remain anonymous, told us:
‘Both my email and Amazon accounts were hacked. The hacker altered my inbox settings so Amazon emails never arrived. Then they bought a £2,000 gaming laptop on the site. I reported it to Amazon and was refunded. Then my statement showed two more purchases, totalling another £2,000. The fraudster used Amazon Pay, and my card company refunded me under ‘Section 75’ rules. I assumed Amazon would relate these frauds to the original fraud, but it didn’t. It instead locked my account and demanded almost £1,000. I’ve contacted Amazon by email, phone and post but my account remains locked.’
Our say on hacked Amazon accounts
We contacted Amazon and it then got in touch with our member. It reactivated their account, cancelled the charge and sent them a gift card as an apology.
It’s unclear how the member’s email and Amazon accounts were compromised, as they used a different password for each, and there’s no suggestion that Amazon suffered a breach.
We advised the member to change both the password on their email and their Amazon account as soon as possible, and to activate two-factor verification. We also told them to cancel their card.
The member may have been ‘phished’, ie sent an email appearing to be from Amazon, directing them to log in on a false site. Always go directly to sites to log in. Don’t click through from emails.
You can send suspected spoof Amazon emails to stop-spoofing@amazon.com.