[Patentpractice] IMPORTANT: Off-Topic: PSA Amazon Fraud Scheme - LOG OUT ALL DEVICES

Jeffrey Semprebon jesemprebon at gmail.com
Thu Oct 2 13:42:21 UTC 2025 

Federal CPB may be closed, but the state may have an agency or department
that's operating.

Just this week, a recalcitrant financial company called me to let me know
that I'll be receiving soon in the mail confirmation that they've resolved
a dispute in my favor, shortly after reporting them to the NH AG's
office's consumer protection & anti-fraud dept.


-Jeff

Jeffrey E. Semprebon
Registered Patent Agent (mechanical) looking for remote work
jesemprebon at gmail.com
7 Bates Alley
Claremont, New Hampshire 03743

On Thu, Oct 2, 2025, 05:57 Leigh T via Patentpractice <
patentpractice at oppedahl-lists.com> wrote:

> Hi, Suzannah,
>
> I’m sorry this happened to you, and thanks for posting. Amazon should fix
> those policies. In the past you could maybe also try complaining to the
> Consumer Protection Bureau but I’m not sure it’s still active.
>
> Something similar happened to us a couple of months ago with our Chase
> bank credit card and then also a replacement card that was immediately
> hacked again. The fake charges were all over the place and included pizza
> and hotel stays at “Purpose Driven Stays” in Florida and Virginia, where we
> had not been for a long time, so at least they were easy to dispute and
> Chase has been really good about taking fake charges off.
>
>  I pointed out when calling to get the second replacement card that it
> seemed that the hacker was able to get our new card details immediately.
> The Chase representative looked around and told us there was a Stripe
> account (like Venmo) linked to our card that we didn’t even know about.
> With that, the hacker was able to get our new card details immediately and make
> more fake charges.  So the Chase representative deactivated all of the
> automatic updates for the (second) new card to prevent the hacker from
> automatically getting the new card info.
>
> We had to re-link all the accounts where we had set up auto pay, but it
> did stop that hacking. Also, we have since put freezes on both my and my
> husband‘s credit and that seems to have helped cut down on phishing efforts
> a bit.
>
> Best regards,
> Leigh
>
>
> On Wed, Oct 1, 2025 at 10:30 AM Suzannah K. Sundby via Patentpractice <
> patentpractice at oppedahl-lists.com> wrote:
>
>> IMPORTANT FOLLOW-UP – MUST DO – BOT FARMS BUSY
>>
>>
>>
>> (See yellow highlight below for bullet point as to how to secure your
>> Amazon account.)
>>
>>
>>
>> Serious bots are busy hacking into people’s Amazon accounts with their
>> phone numbers.  A friend of mine who I warned said that just yesterday
>> and today someone tried logging in with his phone number.  Since he was
>> not online, he knew it couldn’t be himself who triggered the confirmation
>> request.  He also saw an unauthorized charge, which doesn’t marry up to
>> any of his purchases.
>>
>>
>>
>> Now for my continuing episode:
>>
>>
>>
>> I canceled my credit card yesterday and am getting a replacement.  Despite
>> this, last night (after the credit card was canceled), there was another
>> unauthorized Amazon charge.  Turns out the new charge resulted from the
>> canceled card was still in my Amazon account as a payment method and the
>> credit card company allows obvious recurring payments/charges to pass thru
>> to the replacement card… So, I removed the canceled card.
>>
>>
>>
>> But the problem is that any new card I put as a payment method in my
>> Amazon account will suffer the same unauthorized access.
>>
>>
>>
>> So, I called up Amazon this morning.  Dealt with multiple people at
>> multiple levels of stupidity for 3 hours.
>>
>>
>>
>> They say there is nothing they can do to prevent others from setting up a
>> sub-account under MY Amazon account using MY cellphone number.  WTF.  Also,
>> because of Amazon privacy policies, Amazon can’t tell ME who is using MY
>> cellphone number to set up sub-accounts under MY Amazon account.  WTF.  Basically,
>> they told me there is nothing they can do and that each time this happens I have
>> to dispute the charge with my credit card company.  BS.
>>
>>
>>
>> So, I was going to cancel my Amazon account and set up a new Amazon
>> account.  Big problem there because my digital subscriptions… music,
>> Kindle books, Audible books, etc.  I was in the process of dealing with
>> that and getting refunded for the music titles I purchased way back when…
>> My library of Kindle books (and likely Audible books) can be transferred.
>>
>>
>>
>> So, I figured I’d set up the new Amazon account so the Kindle/Audible
>> libraries could be transferred.
>>
>>
>>
>> Turns out in order to set up an Amazon account, you must use a cell
>> phone number… and I cannot myself set up another primary Amazon account
>> with my own freaking cell phone number (yet others can continue to set up
>> sub-accounts using MY cell number … someone make it make sense).
>>
>>
>>
>> Anyway, in the Amazon account settings there is the login/security
>> options.  After selecting that, there are options for signing out anyone
>> and everyone.  It forces a password reset.  So, first one will want to
>> have 2FA set up for logging into Amazon, and have a new email alias* set
>> up to use.  Then after confirming both are set up, log out all devices.  I
>> think this process will put an end to others being able to login and set up
>> sub-accounts under one’s own Amazon account.
>>
>>
>>
>> You will then have to re-login any Alexa devices, Alexa phone app, etc.
>>
>>
>>
>> *New email alias: Years ago when my personal Microsoft email account was
>> hacked, I discovered one can set up email aliases.  Email still goes to
>> your primary account, but you can set it up so that one cannot login to
>> your Microsoft email using the alias (e.g., use primary email address to
>> login and don’t give the primary email address to anyone, instead use the
>> email aliases… I have one for shopping, one for financial accounts like
>> IRS, banks, etc., and now I have a specific email alias for Amazon only.)
>>
>> <https://www.google.com/maps/search/1050+30th+Street,+NW+%0D%0A+Washington,+DC+20007?entry=gmail&source=g>
>>
>>
>>
>> Suzannah K. Sundby <http://www.linkedin.com/in/ssundby/> *|* Partner
>>
>> *canady + lortz** LLP* <http://www.canadylortz.com/>
>>
>> 1050 30th Street, NW
>> <https://www.google.com/maps/search/1050+30th+Street,+NW+%0D%0A+Washington,+DC+20007?entry=gmail&source=g>
>>
>> Washington, DC 20007
>> <https://www.google.com/maps/search/1050+30th+Street,+NW+%0D%0A+Washington,+DC+20007?entry=gmail&source=g>
>>
>> T: 202.486.8020
>>
>> F: 202.540.8020
>>
>> suzannah at canadylortz.com
>>
>> <https://www.google.com/maps/search/1050+30th+Street,+NW+%0D%0A+Washington,+DC+20007?entry=gmail&source=g>
>>
>> www.canadylortz.com
>>
>> Confidentiality Notice:  This message is being sent by or on behalf of a
>> lawyer.  It is intended exclusively for the individual or entity to
>> which it is addressed.  This communication may contain information that
>> is proprietary, privileged or confidential, or otherwise legally exempt
>> from disclosure.  If you are not the named addressee, you may not read,
>> print, retain, copy, or disseminate this message or any part.  If you
>> have received this message in error, please notify the sender immediately
>> by e-mail and delete all copies of the message.
>>
>>
>>
>> *From:* Suzannah K. Sundby
>> *Sent:* Tuesday, September 30, 2025 2:54 PM
>> *To:* patentpractice at oppedahl-lists.com
>> *Subject:* Off-Topic: PSA Amazon Fraud Scheme - Setup 2FA
>>
>>
>>
>> I have my credit card setup so it sends me a notice when an online
>> purchase/charge.
>>
>>
>>
>> I do a LOT of shopping on Amazon… and I do the Subscribe & Save, which my
>> deliveries are at the end of the month.
>>
>>
>>
>> Last Friday, there was a $100 charge I thought was curious, but I didn’t
>> have time to investigate… I assumed it was likely a charge for the
>> Subscribe & Save stuff… though I thought it was curious that the amount was
>> an even 100.
>>
>>
>>
>> Today, there was a $200 charge.
>>
>>
>>
>> So, I checked my Amazon orders and nothing marries up to these charges.
>>
>>
>>
>> I called Amazon.
>>
>>
>>
>> ESL guy saw the charges on my account… and he told me that there are
>> other accounts “associated” with mine via my phone number.  WTF I said.  He
>> asked me if I authorized these other people to use my Amazon account.  No
>> effing way I said.
>>
>>
>>
>> Thus, he removed the accounts from my phone number and email and said
>> that they will investigate.
>>
>>
>>
>> He told me that I had to call my credit card company and dispute the
>> charges.  WTF.
>>
>>
>>
>> He wouldn’t tell me how/why someone can make charges to my account and
>> whether they have access to my credit card via Amazon.
>>
>>
>>
>> I called my credit card company and had to dispute the charges, which
>> then triggers the fraud-based card replacement process.
>>
>>
>>
>> Anyway, when looking at account settings in Amazon I discovered that one
>> can set up 2FA and require a code in order to log into one’s account.
>>
>>
>>
>> Thus, y’all probably want to do this if you haven’t already.
>>
>>
>>
>> Suzannah K. Sundby <http://www.linkedin.com/in/ssundby/>
>> <https://www.google.com/maps/search/1050+30th+Street,+NW+%0D%0A+Washington,+DC+20007?entry=gmail&source=g>
>> *|* Partner
>>
>> *canady + lortz** LLP* <http://www.canadylortz.com/>
>>
>> 1050 30th Street, NW
>> <https://www.google.com/maps/search/1050+30th+Street,+NW+%0D%0A+Washington,+DC+20007?entry=gmail&source=g>
>>
>> Washington, DC 20007
>> <https://www.google.com/maps/search/1050+30th+Street,+NW+%0D%0A+Washington,+DC+20007?entry=gmail&source=g>
>>
>> T: 202.486.8020
>>
>> F: 202.540.8020
>>
>> suzannah at canadylortz.com
>>
>> www.canadylortz.com
>>
>> <https://www.google.com/maps/search/1050+30th+Street,+NW+%0D%0A+Washington,+DC+20007?entry=gmail&source=g>
>>
>> Confidentiality Notice:  This message is being sent by or on behalf of a
>> lawyer.  It is intended exclusively for the individual or entity to
>> which it is addressed.  This communication may contain information that
>> is proprietary, privileged or confidential, or otherwise legally exempt
>> from disclosure.  If you are not the named addressee, you may not read,
>> print, retain, copy, or disseminate this message or any part.  If you
>> have received this message in error, please notify the sender immediately
>> by e-mail and delete all copies of the message.
>>
>>
>> --
>> Patentpractice mailing list
>> Patentpractice at oppedahl-lists.com
>>
>> http://oppedahl-lists.com/mailman/listinfo/patentpractice_oppedahl-lists.com
>>
> --
> Patentpractice mailing list
> Patentpractice at oppedahl-lists.com
>
> http://oppedahl-lists.com/mailman/listinfo/patentpractice_oppedahl-lists.com
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://oppedahl-lists.com/pipermail/patentpractice_oppedahl-lists.com/attachments/20251002/15479127/attachment.html>

More information about the Patentpractice mailing list