# Help! My Amazon email was changed without my permission.



## anniejocoby (Aug 11, 2013)

I haven't gotten an email from KDP about anything amiss, and all my books are still for sale. Is this a glitch that has happened to anybody else? I'm freaking out right now...

Update - my email was changed without my permission. I called Amazon about this, and he confirmed that. Somebody now has access to my KDP account. Will they be able to take my earnings and put them into their bank account? This is really freaking me out.

Further update - it was a Russian hacker. My email was changed to mail.ru. I just logged into Mail.ru, it's Russian. OMG....

Latest update, in case anybody was wondering...I have a pre-order due tomorrow at 5. I actually spoke with a KDP Rep, believe it or not, and there's now at least a record of our conversation. I gave her the ASIN, and she confirmed that I have to have the pre-order in tomorrow, and she confirmed that I was hacked. I hope this is good enough, because if I can't get into my account to upload my pre-order, and they lock me out of pre-orders for a year because of it, I'll be livid.


----------



## Nic (Nov 17, 2013)

Are you sure you logged in with your exact password?


----------



## anniejocoby (Aug 11, 2013)

Nic said:


> Are you sure you logged in with your exact password?


Yeah. I just called Amazon, and the guy said that my email was changed without my permission. What was weird was that he didn't even have a record of my email address in his system. Like, at all. I had to give him the order number for something that I had ordered off of Amazon before, otherwise he wouldn't have been able to find my email address at all.

I Googled the issue and found that other people had had their Amazon emails changed without their permission, but Amazon emailed them at their old email address with a message that their email had been successfully changed. I've obviously been hacked; now I'm thinking that I'm going to need to change my bank account information.

I have a pre-order due tomorrow at 5. The issue has been forwarded to an account specialist, whatever that means. This is exactly what I don't need right now...


----------



## Pandorra (Aug 22, 2017)

You don't use PayPal for anything do you?

PayPal has a glitch in its system they won't fix and it is NOT secure. Amazon has some pretty decent security and is safe in itself, so I am assuming if you don't use PayPal you logged into another vulnerable site using the same password. What's going on is people are using tracing programs that record data sent between servers, such as the confirmation code sent between retailers when you make a digital payment. The programs record the code and use it to access your account... The other thing they can get is login information from unsecured sites. If they have an active bot working in the background, they use it to record (again) info between servers, in this case your IP and login info that is sent between the servers verifying you as you...


Run a full virus scan and dl something like Advanced SystemCare 10 or any good program that keeps your files and system clean.


Change all your passwords - don't use the SAME PW for multiple sites


Stick to Valid sites


Don't download anything you're not 100% certain of


----------



## ImaWriter (Aug 12, 2015)

Annie, I'm so sorry to hear this! I can't offer any suggestions of what you should do, but changing your banking info and alerting your bank about this asap is likely a good start. And if you use the same password for anything else (which no one should ever do!) change it right away.

Everyone, Amazon has a 2 step verification login, but you have to turn it on. If you don't use this step on Amazon, or any other site that provides this extra layer of security, start.


----------



## Travelian (Jun 1, 2017)

Sorry this happened to you. The advice I'd give about anti-virus and anti-malware software and Amazon's 2-step verification has already been stated above.

I'd also suggest being wary about any Amazon emails where you're asked to click on links. Phishing is a common way for hackers to access email accounts.


----------



## Nathan Elliott (May 29, 2012)

Lynna is correct. You need to be certain you are the only one who has access to your email account or else this can happen again as soon as you fix it. Email is the keys to the kingdom. If you did not get the confirmation email from Amazon, then I would bet that your email is already compromised. When you change your email password, also make sure that your email is not being forwarded to anywhere else. Most services will allow you to set up forwarding so that a copy can be sent to another address. If the hacker has set it up to forward a copy of your emails to themselves, then just changing the password will not solve the problem.

I would at least hope that your bank info is secure.  I don't think Amazon will display the whole account number where the hackers could see it.  But if you use PayPal associated with the same email address that you use with KDP, I would look into that ASAP.  There they could get money even without knowing the acct number.

Good luck.  I hope you are able to sort it out!


----------



## DanaFraser (Apr 5, 2016)

Another vote for 2-step verification. It's not a pain to use.


----------



## Simply_Me (Mar 31, 2016)

Anniejocoby, besides the Amazon 2-step verification, I suggest that you also close any bank account and credit cards that were on file, and get new ones. I know it's a pain, but if you were hacked, it's better to cover all possible weaknesses. And there won't be any direct deposits until the end of the month, so there is time to change things. I'm assuming that you only have a single Amazon account for everything.

I would also create a new gmail account protected with Google's 2-Step Verification (https://www.google.com/landing/2step/) and use it only for KDP. It's what I do, and I go as far as to have a different phone number than the one I use with Amazon 2-step verification. If one account is compromised, the other might not be. And set all the available warnings too.

I know some famous Gmail accounts have been hacked, but in my cyber-security experience Google servers are still more secure than any commercial servers hosting our domain names and emails. The author domains are good for marketing, but for financial stuff I prefer the anonymity of gmail with their 2-Step Verification.

I edited this post to add, that because we don't know how much of your information these hackers got, another preventive step you could do is a Credit Freeze, also known as a Security Freeze, to prevent anybody from opening new accounts in your name. This is a service that the Credit Bureaus offer to avoid identity theft.

Best of luck, and hugs!


----------



## 75845 (Jan 1, 1970)

Before rushing to change your bank details you might want to investigate if Amazon stepped in to stop any further access after the email was changed. It should trigger a response if someone being paid in the US has the email changed to mail.ru. On the few occasions I bother to check the spam rejections on my email server it is full of mail.ru addresses and I'd be shocked if Amazon had not put some security backstop in place, especially if they were getting a lot of contacts from customers/authors saying no I did not ask you to change my password.


----------



## katherinef (Dec 13, 2012)

Ugh, it looks like this hasn't happened only to you. I'm seeing posts about it on Reddit and Amazon's forums. What I'd like to know is how they're getting into the accounts. Did they hack Amazon? Can they get through or avoid 2-step verification too? I'm going to remove my credit card info from my account for now. This is very worrying. I hope Amazon resolves it.


----------



## Becca Mills (Apr 27, 2012)

I hope this gets sorted out with no damage, Annie. 

I'll put a word in for using a password manager like LastPass, which is free and works very well, in my experience. With a password manager, you log into that app with a single password, then let it fill in all your passwords for you. That makes it possible to have your passwords be something like "ppgPe%2%BX*11Cvqvtp%Va0Aec&OExC!3ut5Fl6Z*o4oEU0FjyqtKk*ap5sj7psX!#j7hOg^dRNpw9Mw" (LastPass will generate random strings like this, at whatever length and with whatever types of characters you specify), with a completely different one for every site you use. In LastPass's case, the app integrates seamlessly with your browser. Make your password manager's password memorable but impregnable, with upper- and lowercase letters, numbers, and symbols. Something like, "From ages 7 through 11, my favorite number was 11. But as soon as I turned 12, 11 seemed way too small! So I went with 33 instead."

Two-step authentication is a very good idea too, though I hear phone-number theft is on the rise, so it's not a panacea. Excellent password hygiene is still important.


----------



## SuzyQ (Jun 22, 2017)

This is terrifying. I hope you are able to solve it!

How do you set up two-step verification? I think this is definitely a good idea!


----------



## Becca Mills (Apr 27, 2012)

SuzyQ said:


> This is terrifying. I hope you are able to solve it!
> 
> How do you set up two-step verification? I think this is definitely a good idea!


Directions: https://www.amazon.com/gp/help/customer/display.html?nodeId=201962420


----------



## SuzyQ (Jun 22, 2017)

Becca Mills said:


> Directions: https://www.amazon.com/gp/help/customer/display.html?nodeId=201962420


Thank you kindly


----------



## TheLemontree (Sep 12, 2015)

[TheLemonTree goes directly to Amazon and changes her account settings to 2-factor authentication]


----------



## anniejocoby (Aug 11, 2013)

I don't have much more to add except THANK YOU everyone for your kind words and your advice. I appreciate it more than you know. 

I'll have to investigate the LastPass thing. And definitely do the two-step verification.

Now, if this damned thing will just be resolved before 5 PM tomorrow, I'll be fine.


----------



## Nic (Nov 17, 2013)

Millions of Yahoo and AOL accounts have been hacked and hacked again in the past 2-3 years. If you used one of those, they just might be reselling the password lists currently.


----------



## RandomThings (Oct 21, 2016)

Dropping in with this link: https://haveibeenpwned.com/

Go there, put in your email address and it will tell you if that email address has been breached. I used an account for a number of different sites and when one was hacked, found my way there and found out that my email and password for that hacked site were out there. Since I used that same password on a few different sites with that email... well, I wasn't pleased.

Worth checking your emails anyway folks.


----------



## Doglover (Sep 19, 2013)

I've had several emails purporting to be from kdp which look and taste very genuine, even down to the address on the bar, but each one has had a link or a button with which to sign in to my kdp account. I have always ignored these altogether or, if I wanted to check, have done so by going to my account in the usual way, never through this link.

The latest one which I nearly fell for and reported here was the one asking if I wanted to have my AMS payments taken from royalties. No one else here seemed to have had one and when I looked, the option wasn't there, but I didn't use their link.

I wouldn't worry about the preorder if I were you. If someone else has access they can change your bank details. Getting banned from preorders is nothing compared to that.


----------



## Pandorra (Aug 22, 2017)

RandomThings said:


> Dropping in with this link: https://haveibeenpwned.com/
> 
> Go there, put in your email address and it will tell you if that email address has been breached. I used an account for a number of different sites and when one was hacked, found my way there and found out that my email and password for that hacked site were out there. Since I used that same password on a few different sites with that email... well, I wasn't pleased.
> 
> Worth checking your emails anyway folks.


Don't DO that! Half of the sites out there, that's how they GET your pw and information, you enter your info LOOKING for your info... it's an old trick.


----------



## Tabitha Levin (Nov 1, 2011)

Pandorra said:


> Don't DO that! Half of the sites out there, that's how they GET your pw and information, you enter your info LOOKING for your info... it's an old trick.


haveibeenpwned.com is a legitimate site. It was created by cyber security expert Troy Hunt. It doesn't ask for passwords, just your email to check if it's been listed on a hacking site. It doesn't collect or send any information. It's a safe resource.

You can read more about it at its Wikipedia page here: https://en.wikipedia.org/wiki/Have_I_Been_Pwned%3F


----------



## RandomThings (Oct 21, 2016)

Tabitha Levin said:


> haveibeenpwned.com is a legitimate site. It was created by cyber security expert Troy Hunt. It doesn't ask for passwords, just your email to check if it's been listed on a hacking site. It doesn't collect or send any information. It's a safe resource.
> 
> You can read more about it at its Wikipedia page here: https://en.wikipedia.org/wiki/Have_I_Been_Pwned%3F


Was just about to say the same thing but you beat me to it. This site is legit. I wouldn't forward any site I didn't trust completely. Since the only thing you enter into this site is your email address, it can't get anything from you except your email address. No passwords, no personal data and nothing but the email address required so it can do a search.

I used it after I started to get copious amounts of spam to an email address that had never had any in the 10 years I'd had it. Turns out Patreon and a couple of game sites I used it on had been hacked.


----------



## katherinef (Dec 13, 2012)

The more I read about this happening to people, the more I think Amazon was really hacked, and one person on Amazon's Facebook page claims a rep told them there was a hacking breach. A lot of people are reporting this happening to them and most had their email address somehow changed through Amazon.de to a Russian one. Since the hackers aren't changing passwords, does that mean they don't have them and are using some kind of an exploit? I wish Amazon had separate accounts for KDP, AMS, store... Now I can't use AMS because I removed my credit card details from Amazon.com where I never bought anything, but since those accounts are automatically connected and can't be unconnected, there's nothing else to do unless I want to risk some hacker spending my money on some crap through Amazon's store. Ridiculous. If my credit card info were only on AMS, then there wouldn't be much a hacker could do except buy some ads for my books.


----------



## DanaFraser (Apr 5, 2016)

Is this still unresolved?


----------



## Doglover (Sep 19, 2013)

katherinef said:


> The more I read about this happening to people, the more I think Amazon was really hacked, and one person on Amazon's Facebook page claims a rep told them there was a hacking breach. A lot of people are reporting this happening to them and most had their email address somehow changed through Amazon.de to a Russian one. Since the hackers aren't changing passwords, does that mean they don't have them and are using some kind of an exploit? I wish Amazon had separate accounts for KDP, AMS, store... Now I can't use AMS because I removed my credit card details from Amazon.com where I never bought anything, but since those accounts are automatically connected and can't be unconnected, there's nothing else to do unless I want to risk some hacker spending my money on some crap through Amazon's store. Ridiculous. If my credit card info were only on AMS, then there wouldn't be much a hacker could do except buy some ads for my books.


You don't have to use the same card for the Amazon store as for the AMS ads. I change my card on both regularly, depending which account I happen to have money in. They are rarely the same. If you think you've been hacked, best to change the card details once your bill is paid until the next time.


----------



## katherinef (Dec 13, 2012)

Doglover said:


> You don't have to use the same card for the Amazon store as for the AMS ads. I change my card on both regularly, depending which account I happen to have money in. They are rarely the same. If you think you've been hacked, best to change the card details once your bill is paid until the next time.


Maybe I'm missing something, but I don't see a way to add my card just for AMS. As soon as I add it there, it's automatically copied to Amazon.com, and when I remove it on Amazon.com, it's gone for the ads too. Is there a button I'm not seeing? I haven't been hacked, but a lot of people have. Facebook is full of complaints about it, so I'd rather not risk anything for now.


----------



## Doglover (Sep 19, 2013)

katherinef said:


> Maybe I'm missing something, but I don't see a way to add my card just for AMS. As soon as I add it there, it's automatically copied to Amazon.com, and when I remove it on Amazon.com, it's gone for the ads too. Is there a button I'm not seeing? I haven't been hacked, but a lot of people have. Facebook is full of complaints about it, so I'd rather not risk anything for now.


Well, I just go to payment details on the AMS dashboard and put in the card I want to use. It never affects the payment details on my Amazon customer account.


----------



## katherinef (Dec 13, 2012)

Doglover said:


> Well, I just go to payment details on the AMS dashboard and put in the card I want to use. It never affects the payment details on my Amazon customer account.


Weird. If I do that, my card is immediately added to Amazon.com without me doing anything, probably because I don't have one already added on there.


----------



## Doglover (Sep 19, 2013)

katherinef said:


> Weird. If I do that, my card is immediately added to Amazon.com without me doing anything, probably because I don't have one already added on there.


That could be it. I have lots of cards listed on both; sometimes I want to use a different one.


----------



## notjohn (Sep 9, 2016)

I too like LastPass. I may take the advice about the LastPass password, too!

I spent an hour yesterday changing passwords on financial accounts. I was one of those accounts breached in the Equifax hack. (That's worth checking. http://money.cnn.com/2017/09/07/pf/victim-equifax-hack-how-to-find-out -- 143 million Americans affected, which really is most of us.)


----------



## N. Gemini Sasson (Jul 5, 2010)

Doglover said:


> I've had several emails purporting to be from kdp which look and taste very genuine, even down to the address on the bar, but each one has had a link or a button with which to sign in to my kdp account. I have always ignored these altogether or, if I wanted to check, have done so by going to my account in the usual way, never through this link.
> 
> The latest one which I nearly fell for and reported here was the one asking if I wanted to have my AMS payments taken from royalties. No one else here seemed to have had one and when I looked, the option wasn't there, but I didn't use their link.
> 
> I wouldn't worry about the preorder if I were you. If someone else has access they can change your bank details. Getting banned from preorders is nothing compared to that.


I got one that looked like it was from Amazon too. But not about KDP. It just said that my Amazon account info had been changed. When I logged in online and checked, all was fine, but since I've had some other phishing e-mails lately with partial credit card info, I got a new cc. It was like someone was trying very hard to get me to log in through various e-mails.


----------



## Doglover (Sep 19, 2013)

N. Gemini Sasson said:


> I got one that looked like it was from Amazon too. But not about KDP. It just said that my Amazon account info had been changed. When I logged in online and checked, all was fine, but since I've had some other phishing e-mails lately with partial credit card info, I got a new cc. It was like someone was trying very hard to get me to log in through various e-mails.


A friend of mine got one recently that I think seems a bit dodgy. She published a few children's books some months ago, so hasn't made more than double figures, but right from the start she has been paid by direct debit. This email is telling her that Amazon are soon phasing out cheque payments for her country (UK) and that they can see she has not yet enough accumulated for a cheque. It advises her to change to direct debit.

I thought they'd already phased out cheques for the UK and I think it's odd that they are targeting a new author who doesn't sell much. KDP owe her nothing.

I'd be interested to know if anyone else has had this one.


----------



## Going Incognito (Oct 13, 2013)

The one I get is the one to crack Easter eggs for... something. I forget. For a discount? For free stuff? 


BUT- when I went googling to verify it was a scam I did learn something cool. 


When you're logged in on Amazon (the US site anyway. Other countries may be slightly different) you can hit the 'Accounts & lists' drop down menu under your name, click on 'Your account' right under your account, click on 'Message Center' under 'Email alerts, messages and ads' and boom. There's a copy of every email Amazon has ever sent to that account's email address. So if you get a weird email supposedly from Amazon you can go check and see if it shows up in your account's message center. If not- it's a scam. 


ETA- ya know what? In light of recent events, I should prob put that in its own thread, huh?


----------



## Doglover (Sep 19, 2013)

Going Incognito said:


> The one I get is the one to crack Easter eggs for... something. I forget. For a discount? For free stuff?
> 
> BUT- when I went googling to verify it was a scam I did learn something cool.
> 
> ...


That is really interesting. I'm off to check.


----------



## Going Incognito (Oct 13, 2013)

Doglover said:


> That is really interesting. I'm off to check.


If you find that the how-to is different in the U.K., would you mind posting it here? Might as well hook everyone up. 
https://www.kboards.com/index.php/topic,255324.0.html


----------



## Doglover (Sep 19, 2013)

Going Incognito said:


> If you find that the how-to is different in the U.K., would you mind posting it here? Might as well hook everyone up.
> https://www.kboards.com/index.php/topic,255324.0.html


I've posted there.


----------



## Going Incognito (Oct 13, 2013)

Thanks


----------



## Lauren P. (Jul 3, 2014)

Going Incognito said:


> When you're logged in on Amazon (the US site anyway. Other countries may be slightly different) you can hit the 'Accounts & lists' drop down menu under your name, click on 'Your account' right under your account, click on 'Message Center' under 'Email alerts, messages and ads' and boom. There's a copy of every email Amazon has ever sent to that account's email address. So if you get a weird email supposedly from Amazon you can go check and see if it shows up in your account's message center. If not- it's a scam.


This is really useful information. Thank you for posting it.


----------



## anniejocoby (Aug 11, 2013)

DanaFraser said:


> Is this still unresolved?


Oh, I'm so sorry! I thought that I posted an update, but it looks like it didn't. It was resolved within 24 hours. I now do two-step verification, and I changed my credit card information that Amazon uses. Thanks for asking!


----------



## Going Incognito (Oct 13, 2013)

Lauren P. said:


> This is really useful information. Thank you for posting it.


You're welcome


----------



## DanaFraser (Apr 5, 2016)

anniejocoby said:


> Oh, I'm so sorry! I thought that I posted an update, but it looks like it didn't. It was resolved within 24 hours. I now do two-step verification, and I changed my credit card information that Amazon uses. Thanks for asking!


I'm glad to hear that, Annie


----------



## DanaFraser (Apr 5, 2016)

Going Incognito said:


> ...
> When you're logged in on Amazon ... hit the 'Accounts & lists' drop down menu under your name, click on 'Your account' right under your account, click on 'Message Center' under 'Email alerts, messages and ads' and boom. There's a copy of every email Amazon has ever sent to that account's email address. ...


Not exactly. Not all of the replies to my KDP queries are there. In fact a great deal aren't there. Still, in terms of emails originating from them (as opposed to a chain you initiate), it's a great way to check if it's legit or not.


----------

