Increasingly we are hearing stories of Amazon Sellers losing a lot of money to Amazon Account hack attacks. We wanted to help spread the word about what sellers can do to protect themselves against such attacks. Here is some useful information on how these hacks happen and what you can do to protect yourself.
Typically the first thing sellers know about it is when they find out they have money missing. Sellers can find they have had thousands of pounds or dollars stolen and that they have become locked out of their account. It can be a long, hard and highly stressful slog that is hard to recover from and you many never get your money back.
Hackers normally gain access to accounts by one of three ways. Firstly by placing keylogging password capture tools onto your computer. As you enter your username and password the logger records the login details and then sends them back to the hackers. Secondly by enticing you to complete your details on a website page that looks genuine, known as phishing. Thirdly by purchasing lists of compromised user data on the dark web and using this to attempt to log in. As users frequently use the same password on multiple platforms, there is a reasonable chance your login for Amazon will be the same, so they try it.
Whichever route they take, once the hackers have your details they are then free to log into your Amazon account, change all your details, including your bank account and email details. Now they can then withdraw funds from your account without you knowing.
Choosing a good “secure” password is unlikely to help you beat many hack attacks as often they are not guessing your password, they are using some sort of tool to capture it. It could be written in greek and the hackers would have no problem.
There are things that online sellers can do to protect their accounts, not just with Amazon but also with Paypal, eBay and other high-risk websites.
Two-Step Verification is a method of adding another layer of security to your account. It is used throughout the web where more secure logon technology is needed. It is also known as two-step authentication.
With Two-Step Verification you sign in using information you know (your password) and also using something only you can have (normally a mobile device). In the case of Amazon, you sign in to your Amazon account through your browser as normal. You enter your password, then either enter a code that is texted to your phone, or one that is generated using the Amazon Authenticator App on your mobile device. Amazon will only allow you into your account once the code sent to your device has been entered into the browser and validated.
As it requires you also to use your mobile device, it means that someone gaining a copy of your password can’t access your Amazon account.
How do you do it?
Amazon have written step by step instructions on how to turn Two-Step Verification on, how to sign in using Two-Step Verification, and how to disable Two-Step Verification should you need to in the future.
Will it secure my account?
Nothing can ever secure anything 100%, however, this will make it very difficult for individuals with bad intent to access your account as they would need to steal both your password and also gain access to your physical device.
Never, ever, click on an email link telling you to “log into your Amazon Account”, however genuine it may seem. Even if it appears to come from Amazon. ALWAYS open a new browser window and carry out a normal login. Phising emails like these aim to direct you to a fake Amazon page which may look and feel VERY like the real thing. As you enter your details, they are captured then used to log into your real account.
Run a good quality internet security package (Antivirus) on your computer. Make sure it is kept up to date as outdated security packages are pretty much useless.
Don’t reuse passwords. Use a password generator to create complex, unique passwords for all your vulnerable accounts. Change passwords frequently.
Amazon Account hacks are at their most horrific and damaging when sellers have a large amount of money sitting in their Amazon Account. Allowing payment funds to build up in your Amazon Account simply means you have more to lose if someone does hack your account.
Standard Amazon settings are for fund transfer every 14 days to your bank account. You can ask for this to happen much more frequently, up to once every 24 hours. See here or more information.
Things are always changing on the net. Don’t assume that because you implemented all these measures today that you will be safe forever and can forget about security. It can be hard to follow new security developments for sure. Joining user groups, reading articles and generally trying to keep up-to-date with security issues across all your platforms will give you a better chance of keeping one step ahead.
It can be difficult to work out if Multi-channel software will do what you need it to do. We spend a lot of time working with online sellers, helping them to work out what it is they need from a multichannel solution. We have compiled the answers to all their questions into this online guide.
Expandly is multichannel management software that is all about saving you time and effort.
From the moment you login in the morning to the moment you ship your orders, Expandly aims to reduce your workload. It is simple, easy to use and focussed on helping small ecommerce businesses go from home-office or unit to warehouse and beyond.