Was Your Amazon Account Hacked? How To Tell

Amazon is the largest online retailer in the world. With over 200 million Prime members worldwide, it’s easy to see why cybercriminals target account holders. If your Amazon account gets hacked, hackers can deploy several scams from it.

Some hackers change your credentials and lock you out. Others use your account for a brushing scam, which is essentially a way for stores to boost 5-star reviews of their subpar products. Identity theft becomes easier with a hacked Amazon account, as the hacker already has access to your personal details. There’s also the chance a hacker will order a lot of merchandise, ship it somewhere else, and leave you footing the bill.

The best way to avoid these types of fraud is to keep a close eye on your Amazon account and use cybersecurity products to help keep it safe. Quality antivirus software can protect you from malware that steals your credentials and phishing attacks that trick you into divulging sensitive information. Of course, knowing what to look for can also help you stay protected, so let’s get into the specifics.

What to do if your Amazon account is hacked (step-by-step)

If your Amazon account is hacked, there are a number of steps you can take to mitigate the damage and maybe even recoup losses. The best thing you can do to start is verify your account information, change all your passwords, and set alerts on your credit. The next step is to increase your security and review all the purchases made on your account. Finally, alert the proper channels and begin restoring your good name.

1. Reset your Amazon account password

This is the first step you should take, even if you aren’t sure if you’ve been hacked. If a hacker is working with your stolen credentials, resetting your password is the easiest way to lock them out. If you’ve been locked out by a hacker, resetting your password, contact Amazon Customer Service to report a security issue and recover your compromised account.

However, keep in mind that Amazon Support can be a mixed bag, and it can be very difficult to regain access to a hacked account if the email and phone number have been changed. 

2. Enable 2FA

Two-factor authentication (2FA) adds an extra layer of protection to your account. This may make it more difficult for a hacker to initially get into your account, and you’ll get an alert letting you know something’s amiss.

3. Verify and update your Amazon account information

Make sure your email address and phone number are verified, and update that information if necessary. Hackers can change your account details to lock you out or to complete unauthorized transactions. As a best practice, delete any expired or closed financial accounts from your payments section.

4. Review your order history for suspicious transactions

Check your orders page. If an order appears that you don’t remember making, immediately contact Amazon to dispute the charges.

5. Report unauthorized purchases

File a dispute claim and report all unauthorized transactions to Amazon immediately. You can also review your debit or credit card statements for suspicious charges and report them as well.

6. Unlink stored credit or debit card information

If you suspect your account is compromised, delete all of your payment information until your account is secured. Unlink all forms of payment.

7. Report the breach to Amazon

Even if you don’t find any fraudulent transactions, report a security issue or possible breach to Amazon. Stay in contact with Amazon support to wait for further instructions.

8. Set up the “Secure Your Account” feature on Amazon

In the login & security section of your Amazon account, enable the Secure Your Account feature. You can require biometrics, such as Face ID or fingerprint scanning, for login.

9. Update similar passwords used in other online accounts

Don’t reuse passwords! If you have a hard time keeping track of complex passwords or coming up with new ones, use a password manager with a password creator. Change all reused passwords.

10. Make sure other devices are not compromised

Log out of your Amazon account on all devices. If you change your password, it should prompt you to log out of other devices. This will ensure that someone can’t reuse old credentials to access your account again.

11. Run an antivirus scan

Your antivirus software works by blocking harmful viruses, malware, including spyware and ransomware, that can steal your credentials. Running a full system scan can catch any executables that may have been used to gain access to your account. 

However, keep in mind that it's more likely that an Amazon account hack occurs via phishing scams or credential reuse, not malware. And not all antivirus programs are designed to detect phishing or credential-stealing malware (known as keyloggers) unless it’s a known threat. 

That's why it's important to invest in software that frequently updates its database to identify emerging threats and offers comprehensive online protection. The best antivirus suites include password managers, secure browser extensions, VPNs, and other online security tools.

Signs your Amazon account may be hacked

You may not know right away if your account has been hacked. Strange as that may sound, hackers involved in an Amazon brushing scam could want your account open and usable to add legitimacy to their scam. You may also encounter a hacker who hopes you don’t notice as they make purchases from your account. This can be achieved by archiving the purchase so it doesn’t show up immediately.

It’s possible to know something is amiss when your account is being hacked. If you notice the signs soon enough, there’s a chance you can stop the hacker before the damage is done.

If you’re suspicious for any reason, change your current password immediately, then take time to explore the common warning signs, such as:

• You receive an alert for 2FA
• You receive an alert that biometric information was attempted and failed
• You receive an alert to change your password or other account information
• You try to log into your Amazon account and are denied access
• Your smart devices, like an Echo or your smart home security kit, go offline or are suddenly disabled
• You notice account details like address or payment information changed
• You receive a package you didn’t order
• You notice suspicious activity in your purchase history
• You discover fraudulent reviews in your name
• Your identity theft protection service notifies you of a possible data breach

How hackers access your Amazon account information

There are a variety of ways a hacker can access your account. A lot of times, the hack is completely preventable with the right software and know-how to protect against deceptive social engineering attacks like phishing or smishing. 

Ways a hacker can access your account:

• Phishing emails
• Smishing
• Keyloggers
• Spam one-time passwords (OTPs)
• Weak or reused passwords
• Hacked email accounts
• Hacked smartphones
• Leaked data from a different source

Antivirus software can protect against keyloggers, or malware designed to steal your credentials, while a virtual private network (VPN) can help secure your internet activity on public or home Wi-Fi networks. But while a VPN can encrypt your traffic on unsecure networks, making it harder for hackers to access your personal data, it can't prevent credential theft if you input info into a phishing page or if your device itself is already compromised.

It’s good to know what phishing and smishing look like so you don’t become a victim. If you receive an unsolicited email or text claiming your package can’t be delivered and that you need to update information by clicking a link, it is likely a phishing or smishing attempt. 

It’s also important to ensure each of your accounts has a unique, strong password, stored in a secure password manager. Remember that Google’s password manager isn’t as safe as dedicated password vaults, so don’t rely on your browser to keep your information private. 

How hackers can use your Amazon account information

Using your account to make purchases is definitely one reason hackers try to take it over. Using your account for fake product review scams or to steal your identity are others.

Employment identity theft is rare but real: someone uses your information to get a job in your name. There’s also the possibility that someone could use your account to pirate entertainment IP. Unfortunately, there are several ways to use an Amazon account for personal and financial gain.

Here are some common reasons hackers may take over your account:

• To make fraudulent purchases and send them somewhere else with your financial information
• To conduct brushing scams to give good reviews to subpar products
• To use your data to steal your identity
• To apply for Amazon jobs
• To take advantage of your Amazon services like Prime Video, Audible, or Kindle to pirate entertainment

15 tips to keep your Amazon account safe from hackers

Cybersecurity measures can help eliminate many of the avenues hackers use to gain access to your account. By using a trustworthy antivirus coupled with other security measures like 2FA or multi-factor authentication (MFA), biometrics, a VPN, and a password manager, you can keep all of your accounts safe, not just the Amazon accounts.

Follow these tips to help keep your Amazon account secure:

1. Log out of shared public devices.
2. Don’t share passwords.
3. Learn what email attacks look like and avoid clicking on anything suspicious.
4. Don’t click links in emails, texts, private messages on social media, or any other suspicious source.
5. Don’t share your personal info or account details.
6. Enable two-factor authentication or multi-factor authentication and use biometrics.
7. Use strong, complex passwords.
8. Use a password manager to store passwords and other sensitive information.
9. Use trustworthy antivirus software.
10. Keep all security tools up to date.
11. Keep operating systems up to date.
12. Keep real-time protection enabled on your antivirus software.
13. Set up regular antivirus scans on your device.
14. Check accounts for suspicious activity.
15. Change your password anytime something feels off.

Best antivirus software to protect against phishing attacks

Phishing attacks are one of the main ways hackers gain access to your credentials. This allows them to legitimately log into your account without triggering any fraud prevention systems Amazon has in place. Antivirus software can help protect you by analyzing emails and websites for phishing behavior and alerting you when it happens.

• McAfee Total Protection: McAfee offers AI-based analytics to help keep you from getting scammed. It can detect fake texts on mobile devices as well as phishing and scam activity online. Safe Browsing and WebAdvisor both analyze your interactions and notify you when something looks phishy.

  Get McAfee | Read Our McAfee Total Protection Review

• Norton 360 Antivirus: Norton 360 plans include a password manager to store sensitive data like your Amazon account credentials as well as anti-hacking features to keep you safe online. You can even install parental controls that come with some Norton plans to help protect kids online. Norton also includes Dark Web scanners that will alert you if data like your username and password is found, keeping all your accounts safer.

  Get Norton 360 | Read Our Norton 360 Antivirus Review

• Bitdefender Total Security: Bitdefender’s Web Protection technology specifically scans your online activity and emails for suspicious activity. It keeps a list of known phishing sites and can block activity from those places to stop phishing attempts before they reach you. Bitdefender watches you in real time to stop attacks before they start.

  Get Bitdefender | Read Our Bitdefender Total Security Review

Bottom line: Don’t be prime for the picking

Amazon account hacks are scary, considering how much potential there is for damages. You can stay safe online by learning about social engineering attacks like phishing and smishing and using quality antivirus software as well as other security products.

A good security stack with antivirus, a VPN, a firewall, and a password manager may seem like a lot, but it’s all necessary in today’s cybercrime-ridden world. Hackers may be getting more sophisticated, but by learning about their tactics, you can too.

FAQs