All About Cookies is an independent, advertising-supported website. Some of the offers that appear on this site are from third-party advertisers from which All About Cookies receives compensation. This compensation may impact how and where products appear on this site (including, for example, the order in which they appear).
All About Cookies does not include all financial or credit offers that might be available to consumers nor do we include all companies or all available products. Information is accurate as of the publishing date and has not been provided or endorsed by the advertiser.
The All About Cookies editorial team strives to provide accurate, in-depth information and reviews to help you, our reader, make online privacy decisions with confidence. Here's what you can expect from us:
- All About Cookies makes money when you click the links on our site to some of the products and offers that we mention. These partnerships do not influence our opinions or recommendations. Read more about how we make money.
- Partners are not able to review or request changes to our content except for compliance reasons.
- We aim to make sure everything on our site is up-to-date and accurate as of the publishing date, but we cannot guarantee we haven't missed something. It's your responsibility to double-check all information before making any decision. If you spot something that looks wrong, please let us know.
Amazon is the largest online retailer in the world. With over 200 million Prime members worldwide, it’s easy to see why cybercriminals target account holders. If your Amazon account gets hacked, there are several scams hackers can deploy from your account.
Some hackers change your credentials and lock you out. Others use your account for a brushing scam, which is essentially a way for stores to boost 5-star reviews of their subpar products. Identity theft becomes easier with a hacked Amazon account, as the hacker already has access to your personal details. There’s also the chance a hacker will order a lot of merchandise, ship it somewhere else, and you’ll be left footing the bill.
The best way to avoid these various frauds is to keep a close eye on your Amazon account as well as to use cybersecurity products to help keep your account safe. Quality antivirus software can protect you from malware that steals your credentials and phishing attacks that trick you into divulging sensitive information. Of course, knowing what to look for can also help you stay protected, so let’s get into the specifics.
Signs your Amazon account may be hacked
How hackers access your Amazon account information
How hackers can use your Amazon account information
15 tips to keep your Amazon account safe from hackers
FAQs
Bottom line: Don’t be prime for the picking
What to do if your Amazon account is hacked
If your Amazon account is hacked, there are a number of steps you can take to mitigate the damage and maybe even recoup losses. The best thing you can do to start is verify your account information, change all your passwords, and put alerts on your credit. The next step is to increase your security and review all the purchases made on your account. Finally, alert the proper channels and begin the process of restoring your good name.
Reset your Amazon account password
This is the first step you should take, even if you aren’t sure if you’ve been hacked. If a hacker is working with your stolen credentials, resetting your password is the easiest way to lock them out. If you’ve been locked out by a hacker resetting your password, contact Amazon Customer Service to report a security issue and recover your compromised account.
Enable 2FA
Two-factor authentication (2FA) protects your account by adding an additional layer of protection. This may make it more difficult for a hacker to get into your account initially, and you’ll get an alert letting you know something’s amiss.
Verify and update your Amazon account information
Make sure your email address and phone number are verified, and update that information if necessary. Hackers can change your account details to lock you out or to complete unauthorized transactions. As a best practice, delete any expired or closed financial accounts from your payments section.
Review your order history for suspicious transactions
Check your orders page. If an order appears that you don’t remember making, immediately contact Amazon to dispute the charges.
Report unauthorized purchases
File a dispute claim and report all unauthorized transactions to Amazon immediately. You can also look at your debit or credit card statements for suspicious charges and report those as well.
Unlink stored credit or debit card information
If you suspect your account is compromised, delete all of your payment information until your account is secured. Unlink all forms of payment.
Report the breach to Amazon
Even if you don’t find any fraudulent transactions, report a security issue or possible breach to Amazon. Stay in contact with Amazon support to wait for further instructions.
Set up the “Secure Your Account” feature on Amazon
In the login & security section of your Amazon account, enable the Secure Your Account feature. You can include biometrics like FaceID or a fingerprint scan in your login requirements.
Update similar passwords used in other online accounts
Don’t reuse passwords! If you have a hard time keeping track of complex passwords or coming up with new ones, use a password manager with a password creator. Change all reused passwords.
Make sure other devices are not compromised
Log out of your Amazon account on all devices. If you change your password, it should prompt you to log out of other devices. This will ensure someone can’t use old credentials to gain access to your account again.
Run an antivirus scan
Your antivirus software works by keeping out any harmful viruses and malware, including spyware and ransomware, which can be used to steal your credentials. Running a full system scan can catch any executables that may have been used to gain access to your account.
Signs your Amazon account may be hacked
You may not know right away if your account has been hacked. Strange as that may sound, hackers involved in an Amazon brushing scam could want your account open and usable to add legitimacy to their scam. You also may encounter a hacker who hopes you don’t notice as they send themselves purchases from your account. This can be achieved by archiving the purchase so it doesn’t show up immediately.
It’s possible to know something is amiss as your account is in the process of being hacked. If you notice the signs soon enough, there’s a chance you can stop the hacker before the damage is done.
If you’re suspicious for any reason, change your current password immediately, then take time to explore the common warning signs, such as:
- You receive an alert for 2FA
- You receive an alert that biometric information was attempted and failed
- You receive an alert to change your password or other account information
- You try to log into your Amazon account and are denied access
- Your smart devices like Echo or your smart home security kit go offline or are suddenly disabled
- You notice account details like address or payment information changed
- You receive a package you didn’t order
- You notice suspicious activity on your purchase history
- You discover fraudulent reviews in your name
- Your identity theft protection service notifies you of a possible data breach
How hackers access your Amazon account information
There are a variety of ways a hacker can access your account. A lot of times, the hack is completely preventable by having software and the know-how to protect against deceptive social engineering attacks like phishing or smishing.
Antivirus software can protect against any malware meant to steal your credentials, while a virtual private network (VPN) can keep your devices safe from keyloggers on public or home Wi-Fi.
It’s good to know what phishing and smishing look like so you don’t become a victim. If you receive an unsolicited email or text saying your package can’t be delivered and you need to update information by clicking a link, it’s likely that is a phishing or smishing attempt. It’s also good to make sure each of your accounts has a different, unique password that’s kept encrypted in a password manager. Remember that Google’s password manager isn’t safe, so don’t rely on your browser to keep your information private.
Other ways a hacker can access your account:
- Phishing emails
- Smishing
- Keyloggers
- Spam one-time passwords (OTPs)
- Weak or reused passwords
- Hacked email accounts
- Hacked smartphones
- Leaked data from a different source
How hackers can use your Amazon account information
Using your account to make purchases is definitely one reason hackers attempt to take over your account. Using your account for fake product review scams or to steal your identity are others.
Employment identity theft is a rare but real thing where someone uses your information to get a job with your identity. There’s also the possibility that someone could use your account to pirate entertainment IP. Unfortunately, there are several ways to use an Amazon account for personal and financial gain.
Here are some common reasons hackers may take over your account:
- To make fraudulent purchases and send them somewhere else with your financial information
- To conduct brushing scams to give good reviews to subpar products
- To use your data to steal your identity
- To apply for Amazon jobs
- To take advantage of your Amazon services like Prime Video, Audible, or Kindle to pirate entertainment
15 tips to keep your Amazon account safe from hackers
Cybersecurity measures can help eliminate a lot of the avenues hackers take to gain access to your account. By using a trustworthy antivirus coupled with other security measures like 2FA or multi-factor authentication (MFA), biometrics, a VPN, and a password manager, you can keep all of your accounts safe, not just the Amazon accounts.
Follow these tips to help keep your Amazon account secure:
- Log out of shared public devices.
- Don’t share passwords.
- Learn what email attacks look like and avoid clicking on anything suspicious.
- Don’t click links in emails, texts, private messages on social media, or any other suspicious source.
- Don’t share your personal info or account details.
- Enable two-factor authentication or multi-factor authentication and use biometrics.
- Use strong, complex passwords.
- Use a password manager to store passwords and other sensitive information.
- Use trustworthy antivirus software.
- Keep all security tools updated to the latest version.
- Keep operating systems updated to the latest version.
- Keep real-time protection enabled on your antivirus software.
- Set up regular antivirus scans on your device.
- Check accounts for suspicious activity.
- Change your password any time something feels off.
Best antivirus software to protect against phishing attacks
Phishing attacks are one of the main ways hackers gain access to your credentials. This allows them to legitimately log into your account and not alert any fraud prevention systems Amazon has in place. Antivirus software can help protect you by analyzing emails and websites for phishing behavior and alerting you when it happens.
- McAfee Total Protection: McAfee offers AI-based analytics to help keep you from getting scammed. It can detect fake texts on mobile devices as well as phishing and scam activity online. Safe Browsing and WebAdvisor both analyze your interactions and notify you when something looks phishy.
- Norton 360 Antivirus: Norton 360 plans include a password manager to store sensitive data like your Amazon account credentials as well as anti-hacking features to keep you safe online. You can even install parental controls that come with some Norton plans to help protect kids online. Norton also includes Dark Web scanners that will alert you if data like your username and password are found, keeping all your accounts safer.
- Bitdefender Total Security: Bitdefender’s Web Protection technology specifically scans your online activity and emails for suspicious activity. It keeps a list of known phishing sites and can block activity from those places to stop phishing attempts before they reach you. Bitdefender watches you in real time to stop attacks before they start.
Get Bitdefender | Read Our Bitdefender Total Security Review
FAQs
Does Amazon notify you if someone tries to log into your account?
Yes, Amazon alerts you if it thinks there’s suspicious activity on your account. Amazon requires confirmation if you try to log in, make a purchase, or change account information via these alerts. If you enable the Secure Your Account feature, you have even more protection by being able to directly reject login attempts to your account.
What if someone is trying to access my Amazon account?
If someone is trying to access your account but hasn’t yet done it, make sure to take a few steps. First, immediately change your current password. After your new password is secure, delete any personal information, including payment details, from your account. In addition, you’ll want to report a security issue to Amazon and continue to closely monitor your account.
Can I tell if someone logged into my Amazon account?
If you have the Secure Your Account feature active, you can monitor login attempts in real time. Other key things to look out for are changed credentials, new addresses, and changes in payment information. You’ll also want to thoroughly check your reviews and purchases for any suspicious activity.
What happens if your Amazon account is hacked?
If your Amazon account is hacked, you may be locked out or see unauthorized activity like false reviews and fraudulent purchases. If you’re locked out of your account, contact Customer Service immediately. If you have access, change your password, delete your payment information, and contact Customer Service to recover your account.
Why is my Amazon account on hold?
If Amazon notices unusual payment activity, it may put your account on hold. Amazon will send you an email or text message with information on what to do. Follow the instructions to reinstate your account and then change your login information.
Are the social media messages “Amazon got hacked” legit?
No, the “Amazon got hacked” PSAs you see on social media are just scams or hoaxes. Some people noticed new addresses added to their accounts, which was an internal error on Amazon’s part. Amazon added new storage lockers, and the locations nearest users were added as potential shipping options.
Amazon storage lockers are a great way to receive your packages if you live in an area where package theft is rampant, or you won’t be able to get to the package in a reasonable amount of time.
Bottom line: Don’t be prime for the picking
Amazon account hacks are scary, considering how much potential there is for damages. You can stay safe online by learning about social engineering attacks like phishing and smishing and using quality antivirus software as well as other security products.
A good security stack with antivirus, a VPN, a firewall, and a password manager may seem like a lot, but it’s all necessary in today’s cybercrime-ridden world. Hackers may be getting more sophisticated, but by learning about their tactics, you can too.