<div><div dir="auto">Hi, Suzannah,</div><div dir="auto"><br></div><div dir="auto">I\u2019m sorry this happened to you, and thanks for posting. Amazon should fix those policies. In the past you could maybe also try complaining to the Consumer Protection Bureau but I\u2019m not sure it\u2019s still active.</div><div dir="auto"><br></div><div dir="auto">Something similar happened to us a couple of months ago with our Chase bank credit card and then also a replacement <span style="font-family:-apple-system,sans-serif">card that was immediately hacked again</span><span style="font-family:-apple-system,sans-serif">. The fake charges were all over the place and included pizza and hotel stays at \u201cPurpose Driven Stays\u201d in Florida and Virginia, where we had not been for a long time, so at least they were easy to dispute and Chase has been really good about taking fake charges off.</span></div><div dir="auto"><span style="font-family:-apple-system,sans-serif"><br></span></div><div dir="auto"><span style="font-family:-apple-system,sans-serif"> I pointed out when calling to get the second replacement card that it seemed that the hacker was able to get our new card details immediately. The Chase representative looked around and told us there was a Stripe account (like Venmo) linked to our card that we didn\u2019t even know about. With that, the hacker was able to get our new card details immediately and </span><span style="font-family:-apple-system,sans-serif">make more fake charges. So the Chase representative deactivated all of the automatic updates for the (second) new card to prevent the hacker from automatically getting the new card info. </span></div><div dir="auto"><span style="font-family:-apple-system,sans-serif"><br></span></div><div dir="auto"><span style="font-family:-apple-system,sans-serif">We had to re-link all the accounts where we had set up auto pay, but it did stop that hacking. Also, we have since put freezes on both my and my husband\u2018s credit and that seems to have helped cut down on phishing efforts a bit.</span></div><div dir="auto"><span style="font-family:-apple-system,sans-serif"><br></span></div><div dir="auto"><span style="font-family:-apple-system,sans-serif">Best regards,</span><br></div><div dir="auto">Leigh</div></div><div><div dir="auto"></div><div dir="auto"></div><div dir="auto"></div><div dir="auto"></div><div dir="auto"></div><div dir="auto"></div><div dir="auto"></div><div dir="auto"></div><div dir="auto"><br></div><div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Oct 1, 2025 at 10:30\u202fAM Suzannah K. Sundby via Patentpractice <<a href="mailto:patentpractice@oppedahl-lists.com" target="_blank">patentpractice@oppedahl-lists.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div lang="EN-US" link="#0000CC" vlink="#0000CC" style="word-wrap:break-word">
<div>
<p class="MsoNormal"><span>IMPORTANT FOLLOW-UP \u2013 MUST DO \u2013 BOT FARMS BUSY<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>(See yellow highlight below for bullet point as to how to secure your Amazon account.)<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>Serious bots are busy hacking into people\u2019s Amazon accounts with their phone numbers.<span>
</span>A friend of mine who I warned said that just yesterday and today someone tried logging in with his phone number.<span>
</span>Since he was not online, he knew it couldn\u2019t be himself who triggered the confirmation request.<span>
</span>He also saw an unauthorized charge, which doesn\u2019t marry up to any of his purchases.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>Now for my continuing episode:<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>I canceled my credit card yesterday and am getting a replacement.<span>
</span>Despite this, last night (after the credit card was canceled), there was another unauthorized Amazon charge.<span>
</span>Turns out the new charge resulted from the canceled card was still in my Amazon account as a payment method and the credit card company allows obvious recurring payments/charges to pass thru to the replacement card\u2026 So, I removed the canceled card.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>But the problem is that any new card I put as a payment method in my Amazon account will suffer the same unauthorized access.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>So, I called up Amazon this morning.<span>
</span>Dealt with multiple people at multiple levels of stupidity for 3 hours.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>They say there is nothing they can do to prevent others from setting up a sub-account under MY Amazon account using MY cellphone number.<span>
</span>WTF.<span> </span>Also, because of Amazon privacy policies, Amazon can\u2019t tell ME who is using MY cellphone number to set up sub-accounts under MY Amazon account.<span>
</span>WTF.<span> </span>Basically, they told me there is nothing they can do and that each time this happens I
<span>have to</span> dispute the charge with my credit card company.
<span> </span>BS.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>So, I was going to cancel my Amazon account and set up a new Amazon account.<span>
</span>Big problem there because my digital subscriptions\u2026 music, Kindle books, Audible books, etc.<span>
</span>I was in the process of dealing with that and getting refunded for the music titles I purchased way back when\u2026 My library of Kindle books (and likely Audible books) can be transferred.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>So, I figured I\u2019d set up the new Amazon account so the Kindle/Audible libraries could be transferred.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>Turns out <span>
in order to</span> set up an Amazon account, you must use a cell phone number\u2026 and I cannot myself set up another primary Amazon account with my own freaking cell phone number (yet others can continue to set up sub-accounts using MY cell number \u2026 someone make
it make sense).<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="background:yellow">Anyway, in the Amazon account settings there is the login/security options.<span>
</span><span>After selecting that, there</span> are options for signing out anyone and everyone.<span>
</span>It forces a password reset.<span> </span>So, first one will want to have
<span>2FA</span> set up for logging into <span>Amazon, and</span> have a new email alias* set up to use.<span>
</span>Then after confirming both are set up, log out all devices.<span>
</span>I think this process will put an end to others being able to login and set up sub-accounts under one\u2019s own Amazon account.</span><span><u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>You will then have to re-login any Alexa devices, Alexa phone app, etc.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>*New email alias: Years
<span>ago</span> when my personal Microsoft email account was hacked, I discovered one can set up email aliases.<span>
</span>Email still goes to your primary account, but you can set it up so that one cannot login to your Microsoft email using the alias (e.g., use primary email address to login and don\u2019t give the primary email address to anyone, instead use the email aliases\u2026
I have one for shopping, one for financial accounts like IRS, banks, etc., and now I have a specific email alias for Amazon only.)<u></u><u></u></span></p><a href="https://www.google.com/maps/search/1050+30th+Street,+NW+%0D%0A+Washington,+DC+20007?entry=gmail&source=g" target="_blank">
</a><p class="MsoNormal"><span><u></u> <u></u></span></p>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Century Gothic",sans-serif;color:black"><a href="http://www.linkedin.com/in/ssundby/" target="_blank"><span style="color:black;text-decoration:none">Suzannah
K. Sundby</span></a></span><span style="font-size:10.0pt;font-family:"Century Gothic",sans-serif">
<b><span style="color:#0000cc">|</span></b> Partner<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-top:4.0pt"><span style="font-size:11.0pt;font-family:"Aptos",sans-serif;color:#0000cc"><a href="http://www.canadylortz.com/" target="_blank"><u><span style="font-size:10.0pt;font-family:"Century Gothic",sans-serif;text-decoration:none">canady
+ lortz</span></u><u><span style="font-size:8.0pt;font-family:"Century Gothic",sans-serif;text-decoration:none">
<span style="font-variant:small-caps">LLP</span></span></u></a></span><span style="font-size:11.0pt;font-family:"Century Gothic",sans-serif;color:#0000cc"><u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif"><a href="https://www.google.com/maps/search/1050+30th+Street,+NW+%0D%0A+Washington,+DC+20007?entry=gmail&source=g" target="_blank">1050 30th Street, NW</a><u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif"><a href="https://www.google.com/maps/search/1050+30th+Street,+NW+%0D%0A+Washington,+DC+20007?entry=gmail&source=g" target="_blank">Washington, DC 20007</a><u></u><u></u></span></p>
<p class="MsoNormal" style="margin-top:4.0pt"><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif">T: 202.486.8020<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif">F: 202.540.8020<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-top:4.0pt"><span style="font-size:11.0pt;font-family:"Aptos",sans-serif;color:#0000cc"><a href="mailto:suzannah@canadylortz.com" target="_blank"><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif;text-decoration:none">suzannah@canadylortz.com</span></a></span><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif;color:#0000cc"><u></u><u></u></span></p>
<div style="border:none;border-bottom:solid #0000cc 1.0pt;padding:0in 0in 6.0pt 0in">
<p class="MsoNormal" style="border:none;padding:0in">
<span style="font-size:11.0pt;font-family:"Aptos",sans-serif;color:#0000cc"><a href="http://www.canadylortz.com/" target="_blank"><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif;text-decoration:none">www.canadylortz.com</span></a></span><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif;color:#0000cc"><u></u><u></u></span></p>
</div>
<p class="MsoNormal" style="text-align:justify"><span style="font-size:7.0pt;font-family:"Century Gothic",sans-serif;color:#7f7f7f">Confidentiality Notice:
<span> </span>This message is being sent by or on behalf of a lawyer.
<span> </span>It is intended exclusively for the individual or entity to which it is addressed.
<span> </span>This communication may contain information that is proprietary, privileged or confidential, or otherwise legally exempt from disclosure.
<span> </span>If you are not the named addressee, you may not read, print, retain, copy, or disseminate this message or any part.
<span> </span>If you have received this message in error, please notify the sender immediately by e-mail and delete all copies of the message.<u></u><u></u></span></p>
</div>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<div>
<div style="border:none;border-top:solid #e1e1e1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> Suzannah
K. Sundby <br>
<b>Sent:</b> Tuesday, September 30, 2025 2:54 PM<br>
<b>To:</b> <a href="mailto:patentpractice@oppedahl-lists.com" target="_blank">patentpractice@oppedahl-lists.com</a><br>
<b>Subject:</b> Off-Topic: PSA Amazon Fraud Scheme - Setup 2FA<u></u><u></u></span></p>
</div>
</div>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal"><span>I have my credit card setup so it sends me a notice when an online purchase/charge.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>I do a LOT of shopping on Amazon\u2026 and I do the Subscribe & Save, which my deliveries are at the end of the month.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>Last Friday, there was a $100 charge I thought was curious, but I didn\u2019t have time to investigate\u2026 I assumed it was likely a charge for the Subscribe & Save stuff\u2026 though I thought it was curious
that the amount was an even 100.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>Today, there was a $200 charge.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>So, I checked my Amazon orders and nothing marries up to these charges.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>I called Amazon.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>ESL guy saw the charges on my account\u2026 and he told me that there are other accounts \u201cassociated\u201d with mine via my phone number.<span>
</span>WTF I said.<span> </span>He asked me if I authorized these other people to use my Amazon account.<span>
</span>No effing way I said.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>Thus, he removed the accounts from my phone number and email and said that they will investigate.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>He told me that I had to call my credit card company and dispute the charges.<span>
</span>WTF.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>He wouldn\u2019t tell me how/why someone can make charges to my account and whether they have access to my credit card via Amazon.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>I called my credit card company and had to dispute the charges, which then triggers the fraud-based card replacement process.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="background:yellow">Anyway, when looking at account settings in Amazon I discovered that one can set up 2FA and require a code in order to log into one\u2019s account.</span><span><u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>Thus, y\u2019all probably want to do this if you haven\u2019t already.<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Century Gothic",sans-serif;color:black"><a href="http://www.linkedin.com/in/ssundby/" target="_blank"><span style="color:black;text-decoration:none">Suzannah
K. Sundby</span></a></span><span style="font-size:10.0pt;font-family:"Century Gothic",sans-serif"><a href="https://www.google.com/maps/search/1050+30th+Street,+NW+%0D%0A+Washington,+DC+20007?entry=gmail&source=g" target="_blank">
</a><b><span style="color:#0000cc">|</span></b> Partner<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-top:4.0pt"><span style="font-size:11.0pt;font-family:"Aptos",sans-serif;color:#0000cc"><a href="http://www.canadylortz.com/" target="_blank"><u><span style="font-size:10.0pt;font-family:"Century Gothic",sans-serif;text-decoration:none">canady
+ lortz</span></u><u><span style="font-size:8.0pt;font-family:"Century Gothic",sans-serif;text-decoration:none">
<span style="font-variant:small-caps">LLP</span></span></u></a></span><span style="font-size:11.0pt;font-family:"Century Gothic",sans-serif;color:#0000cc"><u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif"><a href="https://www.google.com/maps/search/1050+30th+Street,+NW+%0D%0A+Washington,+DC+20007?entry=gmail&source=g" target="_blank">1050 30th Street, NW</a><u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif"><a href="https://www.google.com/maps/search/1050+30th+Street,+NW+%0D%0A+Washington,+DC+20007?entry=gmail&source=g" target="_blank">Washington, DC 20007</a><u></u><u></u></span></p>
<p class="MsoNormal" style="margin-top:4.0pt"><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif">T: 202.486.8020<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif">F: 202.540.8020<u></u><u></u></span></p>
<p class="MsoNormal" style="margin-top:4.0pt"><span style="font-size:11.0pt;font-family:"Aptos",sans-serif;color:#0000cc"><a href="mailto:suzannah@canadylortz.com" target="_blank"><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif;text-decoration:none">suzannah@canadylortz.com</span></a></span><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif;color:#0000cc"><u></u><u></u></span></p>
<div style="border:none;border-bottom:solid #0000cc 1.0pt;padding:0in 0in 6.0pt 0in">
<p class="MsoNormal" style="border:none;padding:0in">
<span style="font-size:11.0pt;font-family:"Aptos",sans-serif;color:#0000cc"><a href="http://www.canadylortz.com/" target="_blank"><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif;text-decoration:none">www.canadylortz.com</span></a></span><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif;color:#0000cc"><u></u><u></u></span></p>
</div>
<p class="MsoNormal" style="text-align:justify"><span style="font-size:7.0pt;font-family:"Century Gothic",sans-serif;color:#7f7f7f">Confidentiality Notice:<span>
</span>This message is being sent by or on behalf of a lawyer.<span>
</span>It is intended exclusively for the individual or entity to which it is addressed.<span>
</span>This communication may contain information that is proprietary, privileged or confidential, or otherwise legally exempt from disclosure.<span>
</span>If you are not the named addressee, you may not read, print, retain, copy, or disseminate this message or any part.<span>
</span>If you have received this message in error, please notify the sender immediately by e-mail and delete all copies of the message.</span></p></div></div><div lang="EN-US" link="#0000CC" vlink="#0000CC" style="word-wrap:break-word"><div><p class="MsoNormal" style="text-align:justify"><span style="font-size:7.0pt;font-family:"Century Gothic",sans-serif;color:#7f7f7f"><u></u><u></u></span></p>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
</div>
-- <br>
Patentpractice mailing list<br>
<a href="mailto:Patentpractice@oppedahl-lists.com" target="_blank">Patentpractice@oppedahl-lists.com</a><br>
<a href="http://oppedahl-lists.com/mailman/listinfo/patentpractice_oppedahl-lists.com" rel="noreferrer" target="_blank">http://oppedahl-lists.com/mailman/listinfo/patentpractice_oppedahl-lists.com</a><br>
</blockquote></div></div>
</div>