What is an Amazon Authorized Service Provider

Cyber ​​criminals find a way to hack Amazon accounts and place orders even if passwords are changed

Amazon doesn't seem to be taking a break when it comes to cybersecurity and privacy. Then if it's not one, it's the other. It seems like we talked about the latest data breach on Amazon just before Black Friday yesterday. And now we have a handful of other stories that say hackers manage to place unauthorized orders even if the account's password has been changed.

So what's the problem? How is it that these crooks can still steal money from Amazon customers even if they employ all the vital security measures? Well, apparently the hackers are really smart, and Amazon is just too humorous on its own.

The secret behind unauthorized orders on Amazon

It seems it all started with a rogue TV. Here you can stop and reread the previous sentence. A TV? What does a television have to do with cyber crime?

To be honest, according to The Register's report, a smart TV can be successfully used to place unauthorized orders without the user knowing anything about it. This happens when the fraudster's smart device is linked to the victim's profile on the platform. What's worse, Amazon might not notice this either! This means that Amazon's security system has obvious flaws. If we take a closer look at the problem, we will find that the crooks clearly found a security hole and were able to exploit it quickly.

While the aforementioned report of a TV placing unauthorized orders on Amazon seems like an isolated incident, after the report was published, more readers responded and shared their experiences. It seems that unauthorized phantom device orders are much more common than it seems. The problem with such phantom devices is that they can top up the user's account cards even if the user changes their passwords frequently and multifactor authentication is enabled.

This is of course worrying as cybersecurity specialists and various service providers keep repeating the importance of renewing passwords and how strong and unique those passwords need to be. There are many users who employ password managers to meet these security standards. If you're wondering how it feels, you can try on this button to click. Try the FREE 30-day trial version now! Click the button on the right to see how a password manager works. However, using a password manager and activating multi-factor authentication cannot guarantee the security of your data if the service provider makes the system vulnerable!

Amazon Profile Blunders

While you can easily see the unauthorized orders on Amazon by checking your profile, the same cannot be said for finding the phantom devices that placed those orders. The testimonials show that the problematic device cannot be seen in the usual account settings. The devices that are not in the list of linked gadgets are usually Android devices. According to user reports, these devices are usually hidden in the Amazon Prime settings. If you can't see a device, don't even think it was dealing with unauthorized orders.

How are these phantom devices even added to the victim's profile? While each case may be different, it is very likely that the victims' emails were leaked or compromised and the hackers simply guessed the password. If users use the same email address for different accounts, criminals can access multiple accounts and services with a single compromised email address.

With that in mind, it's a good idea to regularly check whether your email has been leaked or not. To avoid unauthorized orders on Amazon via Phantom smart devices, you should also check your Amazon Prime settings. Even if the scam devices are not shown in the main settings menu, they will show up on the Prime devices.

Additionally, if you find that your account is frequently being billed for products that have not been purchased, you must immediately contact Amazon Customer Service to notify them of these transactions. It is very unlikely that Amazon will do anything on its own as the purchases are legitimate from the system's point of view as they are made through your account.

How to protect your account from unauthorized orders

As we have already established, the security of your data depends on both your security habits and the service provider. So it is also up to Amazon to figure out how to properly display all of the devices so that users can see what is associated with their profile. When clarity is achieved in the settings, it will be much easier to see that the account has been compromised.

Also, let's not forget about the usual security measures that are often overlooked because they are so simple. For example, password reuse and password security can be linked to light data theft. Although it is sometimes not possible to use the same email address in different accounts, using the same password again leads directly to a data breach.

Therefore, unique and secure passwords should be used everywhere. If you can enable multi-factor authentication on the platform you are using, do so. This additional level of security may be perceived as annoying if it is another hurdle to accessing your profile. However, this extra step for you creates several obstacles for hackers. If this can protect your personal information, then it should not be overlooked.

If you feel lost or confused about any aspect of cybersecurity, feel free to leave us a comment. We can work on your questions together and see how we can help you.