Hot Deal Amazon account hacked

880°
Missing
Deal Subedar
513
2333
32

Hi all,

Just for awareness purpose.
Today when I woke up, I saw messages about deduction in my Amazon pay balance.
When I visited my Amazon account I found that 3 orders placed from my account for total 26000. I was in shocked and panic. I was having total 26500 amazon pay balance which I collected to purchase something big for my family. All these voucher were given by my employer time by time as appreciation.

I called Amazon to inform about this. They were kind enough. Collected all my information and inform to wait for 48 hours. In their investigation, if they found this as fraud case, they will revert my balance. I ask them if they need FRI case to register. CC said they don’t need it, but if you want you can register.

I have not yet registered any case, as one of my friend who works for Amazon suggested me to wait till Amazon’s response then registere case if no resolution found. He also inform many time Amazon returns money to customer in such cases.

I haven’t share my id/pwd with anyone. I dont have any games or any non required apps install on my mobile. Infact my mobile in encrypted as my employer has strict policy about it to use company email. I didn’t received any pwd change sms or OTP.

These orders were placed at 3.00AM. using Temp email address.

So as now, I have just informed Amazon about it and waiting for their response. I will keep you updated about it.

57 Comments  |  
39 Dimers
Missing
Shopping Friend
0
5297
68

Feel sorry for you. But keep in touch with Amazon. Have seen many cases in the past here on DD & Amazon have refunded the amount in case of fraudulent transactions.

Also for a safer always enable two step verification whether it’s Amazon, Gmail or any other app which can harm us financially or where there’s a possibility that someone can access our personal data/information.

Missing
Pro Critic
181
4792
139

That’s unfortunate. Usually this happens if you share your account info or install/sideload malicious app. These apps looks like normal apps or game. They work like any other app or game but they also collect data, read OTP and send it to the developer.

What did they order? Most probably gift cards. If they ordered physical items then it will take some time to ship and Amazon can cancel it easily.

I hope you get your money back.

Also, enable 2 factor authentication if you keep considerable balance (more than 1000 rs) in your account.

Missing
Deal Subedar
0
2684
37

I have enabled 2 step to all my account if have 0 rs in my account for security reasons. Always enable 2 step verification nobody knows in which method fraud happens. Security needs to taken as consideration very seriously . Even 1rs is important.

Missing
Deal Subedar
513
2333
32

I have already enabled 2 step verification. But as this was amazon pay balance order got placed without any otp.

Also as I said, my phone is already encrypted as per my company policy. I dont have any game or side apps installed on my mobile.

I am still in surprise how that bast**** got access of my account.

I have removed few details from my post, as you never know the hacker might be on DD too.

But order was for electronic gift voucher only.

Lets see what Amazon revert with. Hoping for best.

Missing
Deal Cadet
0
752
6
nhavale wrote:

I have already enabled 2 step verification. But as this was amazon pay balance order got placed without any otp.

Also as I said, my phone is already encrypted as per my company policy. I dont have any game or side apps installed on my mobile.

I am still in surprise how that bast**** got access of my account.

I have removed few details from my post, as you never know the hacker might be on DD too.

But order was for electronic gift voucher only.

Lets see what Amazon revert with. Hoping for best.

You need to enable 2 step verification for logging into Amazon account. You can use any Authenticator app which will need you to enter OTP when any device is used to access your Amazon account.

Missing
Pro Blogger
1,854
5472
76
nhavale wrote:

I have already enabled 2 step verification. But as this was amazon pay balance order got placed without any otp.

Also as I said, my phone is already encrypted as per my company policy. I dont have any game or side apps installed on my mobile.

I am still in surprise how that bast**** got access of my account.

I have removed few details from my post, as you never know the hacker might be on DD too.

But order was for electronic gift voucher only.

Lets see what Amazon revert with. Hoping for best.

Looks damn suspicious to me as Amz needs login credentials even for paying to any apps/services. Have you got any remote desktop app installed in your phone?

Missing
Deal Subedar
513
2333
32
Expand
deb3l wrote:

Looks damn suspicious to me as Amz needs login credentials even for paying to any apps/services. Have you got any remote desktop app installed in your phone?

No, as I said I dont have any such apps on my mobile.

Missing
Analyst
0
10465
106

U enabled 2 step verification also nd no such malicious apps in urs device!! ?🤔 confused

@Amazonofficial So how’s this possible stuck_out_tongue?

Missing
Deal Lieutenant
36
6472
54

@nhavale if you are nowhere at fault, you will receive money back along with 5% bonus .

Missing
Deal Subedar
513
2333
32

update :

Got email from Amazon.
My account is reset. and they confirm its a fraud case, they are not sure about the method though. I will be getting refund in 10 Days.
So happy and thankful to amazon team.
I will post update once I get refund.

Missing
Shopping Friend
0
5297
68
nhavale wrote:

update :

Got email from Amazon.
My account is reset. and they confirm its a fraud case, they are not sure about the method though. I will be getting refund in 10 Days.
So happy and thankful to amazon team.
I will post update once I get refund.

Great. plus1

Missing
Critic
376
4095
51

so far, these type of frauds were reported by only with accounts not having 2 factor authorisation.
the modus operandi is login at the middle of the night, change linked email id and password, buy gift cards using amazon pay balance.
this is the first time I am seeing someone claiming to have enabled amazon 2 factor authorisation login and still getting this type of fraud.
that makes it really worrysome.
OP please reconfirm that you have enabled amazon 2 factor login i.e. you require OTP every time to login to a new device.

Missing
Deal Lieutenant
1,449
3321
50

My Amazon Account was hacked too earlier this morning at around 10:23 AM

Rs 3100.00 was paid on Amazon.in

Gift Card, E-mail Delivery
Send to: [email protected]
Amount: Rs. 100.00
Quantity: 1

Gift Card, E-mail Delivery
Send to: [email protected]
Amount: Rs. 1,000.00
Quantity: 3
-————————————————————————————-
Subtotal: Rs. 3,100.00
Postage & Packing: FREE
VAT: Rs. 0.00
-——
TOTAL: Rs. 3,100.00

Missing
Shopping Friend
0
5297
68
NinjaPanda wrote:

My Amazon Account was hacked too earlier this morning at around 10:23 AM

Rs 3100.00 was paid on Amazon.in

Gift Card, E-mail Delivery
Send to: [email protected]
Amount: Rs. 100.00
Quantity: 1

Gift Card, E-mail Delivery
Send to: [email protected]
Amount: Rs. 1,000.00
Quantity: 3
-————————————————————————————-
Subtotal: Rs. 3,100.00
Postage & Packing: FREE
VAT: Rs. 0.00
-——
TOTAL: Rs. 3,100.00

Did you raise the complaint with Amazon?

Missing
Deal Cadet
100
608
4

Coincidentally I have received an email about changing my password as a precautionary measure just today. flushed

Missing
Shopping Friend
0
5297
68
Expand
NinjaPanda wrote:

Yes, i just did at 6:02 PM.

Okay. You will get the refund. Just keep in touch with Amazon until it resolved.

Missing
Deal Subedar
0
2603
28
Expand
NinjaPanda wrote:

Yes, i just did at 6:02 PM.

how they are doing this when 2FA is enabled?
do you use any unknown app with giving it all permissions like sms, contacts, storage ?

Missing
Deal Lieutenant
216
5936
104
Expand
b4tm4n wrote:

how they are doing this when 2FA is enabled?
do you use any unknown app with giving it all permissions like sms, contacts, storage ?

+1.

it really surprising how fraudster able to login when 2FA is enabled.
Surely somehow credentials are leaked ..
any suspected app or anywhere you logged in public computers..

a bit in depth analysis helps others.

@NinjaPanda
@nhvhgfv

Missing
Deal Cadet
52
211
1
rohan8397 wrote:

Can it be due to uc browser login?

Yes ,it can be . You don’t know these Chinese companies

Missing
Deal Lieutenant
194
5829
65

You might have used same password on other sites as well – possible reason

Missing
Critic
376
4095
51
caks2006407 wrote:

You might have used same password on other sites as well – possible reason

does not explain how 2FA login OTP was bypassed

Missing
Deal Cadet
0
814
21
Expand
panchabhut wrote:

does not explain how 2FA login OTP was bypassed

i think OP misunderstood and thought the 2FA is for the payment method (credit/debit card) which is not required for apay payments…which raises an important point that it’s high time amz implements OTP for apay wallet transactions as well wink

Missing
Deal Subedar
0
2204
23
Expand
waterloo wrote:

i think OP misunderstood and thought the 2FA is for the payment method (credit/debit card) which is not required for apay payments…which raises an important point that it’s high time amz implements OTP for apay wallet transactions as well wink

And the OTP for apay plays down the basic utility of apay wallet – hassle free payment facility

Missing
Deal Subedar
361
2720
72

It happened to me once. Luckily i had inly 20 in amazon pay. They changed my mail id also, spoke to CC. They used Rs. 20 to recharge but those recharge orders not showing in order details. Since then i stopped loading.

Missing
Deal Cadet
67
253
2
NinjaPanda wrote:

My Amazon Account was hacked too earlier this morning at around 10:23 AM

Rs 3100.00 was paid on Amazon.in

Gift Card, E-mail Delivery
Send to: [email protected]
Amount: Rs. 100.00
Quantity: 1

Gift Card, E-mail Delivery
Send to: [email protected]
Amount: Rs. 1,000.00
Quantity: 3
-————————————————————————————-
Subtotal: Rs. 3,100.00
Postage & Packing: FREE
VAT: Rs. 0.00
-——
TOTAL: Rs. 3,100.00

What giftcard it is

Missing
Deal Subedar
513
2333
32

Update 2 :

Got all my money back to az pay. Also got 1250 extra.
Very happy and relaxed now.

Also abt 2fa, sorry for misunderstanding. My account was not having 2FA. Now I have added it.

So all is well now.

Missing
Deal Cadet
100
252
3

One more thing buy a online protection fraud insurance from MobiKwik for 1 months of RS 50 for 50000 max secure account

Missing