What the Heck, account hacked?

I think I just hit the trifecta. Sorry for all the posts, but while trying to still solve my other problem I have just been greeted with something very weird.

I went to my All Inventory and I have tons of new products from the brand “Tafts”. Check all these out:

All of those aren’t mine, but appearing under my inventory. What gives?

5 Likes

:grimacing::flushed: Maybe hacked, maybe error, maybe a 3rd party app with access snafu???

Make sure to do all the things ASAP: change password, check email addresses, check user permissions, get 2FA, and open a case. Also check your live listings to see if they have been tampered with.

Tagging @oneida_books in case he’d seen some upload error like this before. And @Best_Handmade_Soaps for more (better!) recommendations for locking down and protecting your account.

4 Likes

I have 2fa with authenticator. There is no way anyone got in (at least, I’d hope not). I have Jungle Scout integration, that’s it.

3 Likes

My guess would be that this is an inside job. Looks like a typical hijack to me. Interested to see others point of view.

-Ana

3 Likes

Haven’t we seen things like this before? Give it 48 hours and it goes away?

Via TXT or App? Change to Auth App if you can.

3 Likes

I think it would be more likely a glitch. Some chinese company uploaded their flat file and it somehow became linked to your account.

Probably from an insider who overroad the restrictions on items for a new account.

6 Likes

Use the Report a Violation tool to look up some of the ASINs … who are the sellers?

Use the Report a Violation tool to look up the brand … who are the sellers? … also look to see if there are any listings that have been hacked (items that are not consistent with the brand name)

If you were hacked or your listings have been hacked, you can should be able to find it that way.

:arrow_heading_up: :arrow_heading_up: :arrow_heading_up:

4 Likes

Oh yeah

OPEN A CASE!!!

4 Likes

This is an internal Amazon system screw-up.

No one would “hack” your account to add inventory to your benefit.

6 Likes

I have seen this once before, some time ago. I don’t recall what cause it though, or if it was ever determined.

Something I don’t see mentioned - I would delete them all right away if you haven’t yet!

ETA - I would also check your upload page and take screen shots

6 Likes

All items have zero inventory available.
Two items are Search Suppressed.
The rest of the items are Incomplete.

Op is having issues with a listing because of Bamboo.
The brand Tafts has several items that are Bamboo and would compete against OP.

Could be a take out competitor campaign type hack?

4 Likes

I do find very odd the fact that the other brand is also selling “Bamboo” type products.

I lean more though towards Amazon being the culprit, but not intentionally.

Note: The other seller, “Amcrest Direct,” which I find on one of the listings has a FB record going back some

5 Likes

I would also be curious to see if your upload history shows any uploads that you don’t recognize, or if these ASINs used to belong to your branded product but have been hijacked to show the other brand.

With both products being bamboo, is there any chance that a SAS rep mixed up two of their clients and had listings reinstated on the wrong account?

5 Likes

They shouldn’t be able to do that, but maybe they got Brazil SS to do it? :person_facepalming:

7 Likes

Whoa!

I didn’t do that. I have 2fa with Authenticator. I submitted ticket yesterday and today I needed to reset my password and create another authenticator to log in.
what the heck?

5 Likes

well, crap, just got this email from Amazon this morning:

Hello,

We believe that an unauthorized party may have accessed your Amazon.com seller account. As a result, we have temporarily restricted access to your account and deactivated your listings. For your security, your full credit card number is not displayed in your account and cannot be accessed via our website.

We do not know how your sign-in information was obtained, since the unauthorized party obtained this information on a site other than Amazon.com. Some common techniques used to gain access to this information include:

– Using malicious software to capture a user’s keystrokes and Internet activity
– Trying commonly used passwords
– Sending fraudulent emails asking recipients to provide or update personal, financial, or other account information (commonly known as “phishing”)

I have Google Authenticator required for sign-in. How could that have been possible?

9 Likes

Wow. Holy crap.

Still have SAS?

2 Likes

nope, and seller support is ignoring my email calling out the issue. I can’t imagine them getting in through normal means.

2 Likes

Do you use it for anything other than Amazon for 2FA?

2 Likes

I use Google Authenticator for a lot of things. Banking, social media…

2 Likes