How secure is Amazon?

Hey everyone, had load of unauthorised payments taken on my Amazon account! One got refunded quickly but before I could block
Card another 42.98 got taken. Cards dead now and Amazon security are looking into it. The payment got taken whilst in chat to Monzo.

Makes me wonder how secure Amazon is? Been with them for years and no problems! They never had a clue what happened either😳 so I’ve shut my account and deleted my details, and waiting for Monzo to get back, it might have been dodgy staff member ? Who knows, makes you wonder how payment can be taken for nothing ordered.

Update- CS have blocked card and refunded my two payments, I reckon card could have been skimmed in an atm near a spar! It’s happened to a few people, but a new one was installed! So…who knows how! Have had this card a few years now.

First time for everything I suppose? Thanks for your answers.

Probably one of, if not the most secure. They have the money, resources and incentive to be secure.

Just because your card has been used on Amazon, doesn’t mean it’s anything to do with them. Your card details could have been leaked/cloned/stolen from anywhere and then those card details are used to make purchases on Amazon.

Closing your Amazon account will have zero impact on what you’ve experienced. Unless these orders are on your Amazon account? In which case, your Amazon password has been compromised.

6 Likes

This seems an exterme overreaction, I’d say the problem isn’t Amazon and your card details have been stolen elsewhere then used on someone elses Amazon account.

5 Likes

Sounds like the Amazon account was compromised somehow. It would possibly be worth OP checking their email account hasn’t also been compromised.

Not very secure. My brother works for Amazon and basically they balance the ease of payment and logging in with security. They’ve calculated the cost of refunding fraudulent payments is often less than the cost of higher security. It was only a couple of years ago you could have a 5 character password with no numbers of special characters, and no 2fa.

2 Likes

It’s also why there are no 3DS checks on cards

Use a virtual card if you still want to continue using Amazon.

Then if you get concerned, or it happens again you can simply delete it.

2 Likes

If you’ve ever dealt with the Amazon API and seller accounts you’ll know its a complete shitshow held together by a piece of string. Much of it is stuck in early 00s

It feels like its a case of it does the bare minimum and nobody wants to break it by improving it.

I think the security will be on par.

With billions to play with it should be the best system in the world

do-not-touch-it-programmer

5 Likes

They do use 3DS and they have for a few years, I had to approve a payment when I ordered this afternoon and in the past I’ve had to go back in and approve a payment after ordering.

1 Like

I’ve never been prompted :cry:

1 Like

oo spooky, they prompt me maybe half the time with my Monzo card and every time with my Chase one

1 Like

I’ve been an Amazon customer for 19 years. I’ve never had fraud on my account.

1 Like

I personally feel like they aren’t particularly secure but I’ve definitely bought things from “riskier” smaller online shops.

Amazon don’t necessarily care if items are lost, not as described or if fraud happens. They are so big it’s all a bit “whatevs” to them. I tend to avoid using them now unless it’s unavoidable.

1 Like

I had an old NatWest card compromised, years ago. It was frozen at the time, so I didn’t need to contact the bank, I just cancelled it as stolen and ordered a new one.

Every couple of years I still get a little splurge of app notifications to tell me a payment has been declined by NatWest for an attempted purchase at Amazon/wish.com/Greggs/online pharmacy/iZettle/shoe shop in Greece¹ and it makes me chuckle to envisage some poor soul frantically going through their stack of white label debit cards trying to find one which will work. There are always around a dozen or so attempts, with a notification each time, before it goes quiet again for months and months.

It’s a fun game.

¹ take your pick

5 Likes

If it was access to your own account; then basically how secure did you make it?

Did you have a complex and randomly generated password stored in a password manager, and you have two factor authentication on as well? Is there any chance that you clicked on a dodgy link and entered your details in?

In the vast majority of cases of breached internet security it is the user, rather than the platform, whose security practices need an update!

3 Likes

As you state, either A, data breach including card details which to I say never use your bank card details online (use PayPal or a virtual cards).

B, the account password itself was compromised as you mentioned. Which in that case, the card would not need replacing.