Victim explains how Amazon account was hacked using 'credential stuffing'
ฝัง
- เผยแพร่เมื่อ 21 ธ.ค. 2024
- A new, massive data breach exposing text messages and call data of nearly all customers of AT&T was confirmed by the telecommunications giant Friday.
The company said it believes a hacker stole those call and text records during a five-month period in 2022. It said it will provide notice to current and former customers impacted by this breach.
AT&T also said that this hack impacts about 109 million customer accounts, but it doesn't believe the data is publicly available. At least one person has been aprehended.
--------------------------------------------------
For more on the lead story: komonews.com/n...
_______________
Stay up to date with our social media:
KOMO News on Facebook: / komonews
KOMO News on Twitter: / komonews
KOMO News on Instagram: / komo4
KOMO News on TikTok: / komo4seattle
Subscribe to KOMO on TH-cam: / @komonews
Watch more top local news stories: • Video
For all of the day’s top local and national news, visit www.komonews.com/
Watch our live newscasts and other live video at komonews.com/w...
Download our iOS App: itunes.apple.c...
Download our Android App: play.google.co...
Have a news tip? Send it directly to us:
Email us: tips@komonews.com
Call the Newsroom: 206.404.4000
KOMO News (ABC 4) provides the latest breaking news, sports, weather, traffic, and local event coverage in the Seattle and Western Washington/Puget Sound area including Bellevue, Redmond, Renton, Kent, Tacoma, Bellingham, Yakima, and surrounding communities
#komo #komonews #komo4 #komo4news #seattle #seattlenews #washingtonnews #amazon #hack #hacked #rockyou2024 #att #passwords #password #cybersecurity #fraud #identitytheft
Denise Whitaker
This video and all Sinclair Broadcast Group content archives of local news and sports coverage are available for your use. For more information contact us at contentsales@sbgtv.com
This is a terrible news story. They did not explain what credential stuffing is or how the hacker got the information.
LOL I felt like I walked into someone else’s conversation…news story is terribly done.
In fact, the only reason I clicked on this video was to find out what "credential stuffing" is.
Also what is this rock you breach? Where do I go to find out if my password is leaked? I have 300 passwords with 300 different accounts.
Does Komo mean that I should change 300 passwords today? And take 5-19 hours to do it?
Yeah, that info is missing but easy enough to search. It's "credentials obtained from a data breach on one service are used to attempt to log in to another unrelated service."
It only works if you use the same usernames/passwords for all online accounts.
@@ByteSizedSociety Google "have i been pwned?"
If you use 300 unique passwords, you won't have to change anything or just change 1 that's leaked.
Safer to use a credit card than a debit card!
Not really. Just dont leave the card active on any accounts. Add it, do your order, then delete it. Problem solved.😊
@@buzz5969 It's safer because credit card companies will almost always take the hit on your behalf. Its a lot harder to reverse bank transactions and you are out your funds until its rectified.
@@kaydixie5727 don’t have one only debit card
@@buzz5969no financial protection if debit cards are fraudulently used as it is tied to your cash. You’d have a hard time getting the bank to refill your checking account. Credit cards operate on a credit system and not a cash system so banks can simply cancel the transactions and you don’t owe the bank any money for the fraudulent transactions.
Absolutely correct!!!
What is "credential stuffing" and how exactly was the "hacker" able to gain access to their account?
Right. The most important pieces of the story weren’t explained
Credential stuffing is password reuse, where these folks used the same password on different accounts and websites, because it is easier. Don’t do this. Use a password manager to create and store long complex passwords for each website and bank accounts. And use 2FA (two factor authentication) with an app on your cellphone like Authy or Google authenticator.
It’s the reuse of passwords across accounts. The user’s AT&T password was the same as their Amazon password.
Its the MOST USELESS VIDEO on the internet.
@@Random_Identity Thank you for explaining...
Won't some hacker simply hack into a password manager app and then have access to all passwords for an individual? Why would a password manager be considered secure when it has so much vulnerability of having all passwords in one place?
2FA and more complex passwords. Password managers greatly reduced the practice of using the same password on multiple sites.
Not the answer 🤦🏻♂️@@seattlekarim964
If you don't hook your password manager to your browser or any application, it is reduces the possibly of getting hacked through the web to the manager: meaning everytime you need a user id and password, you have to manually populate the fields. If you get a good password manager, it will have a feature that deletes your clipboard after a few seconds, so that you don't have to manually. I would also avoid any password managers that require a online login (cloud type) for syncing purposes.
I will never use a password app. Trust someone else to manage my passwords?!? They're in an obscurely named encrypted file in an obscure location. I look up what I need from that.
Humans sucks at making passwords. Even if you use natural language patterns.
I order almost everything online, but I DONT leave any cards active in my accounts. I add them do my orders then immediately delete them. Cant charge to an account that has no chargeable cards.😊
@hughjaanus6680 So he missed a comma. The comment is still readable.
Lot of sites won't allow you to delete a primary card
@hughjaanus6680 WOW! Get over it!
It's ok if you leave a said prepaid card on the account that is empty and delete the card like the dude said that you actually have money on, the issue with his strategy is the scammers also obtained the email password @@ChintanCG
They can still open cards in you're name if they have access to other information though.
It floored me when I learned that every day, someone in the world is attempting to gain access to my computer. EVERY DAY!
I run RealVNC on multiple computers. It's shocking to see how many login attempts get logged, from RUSSIA. Why doesn't the govt understand that Russia is at war with us and act accordingly? The absence of guns and bombs does NOT mean the absence of war.
Please tell me how that can be done.
When will we hear they finally broke into the password manager system? Because you know they're working on it every second of every day.
Lastpass had like 3 hacks in the past 2 years
Good point:(
@@PliskinYT like???
Somehow my wife had her account attached to another person and we started getting crazy purchases but they were actually coming to our address. They ended up reimbursing us but it was a major pain to deal with. Now I’m scared every time I check the bank
I never leave my cards on Amazon. If I buy anything, I upload my card and then take it down each time.
Great idea I will try that going forward
How paranoid and inconvenient.
@@johnp139 that is what your bank tells you to do, then you do not worry about a breach or hack. Trust me I have viewed all kinds of information of others viewed online by accident
@hughjaanus6680 Find an opening on your device and insert it... it will upload. If you can't find it, shred the card into small bits.
That's right. 👍. You're absolutely 💯 correct. As for me,I don't use credit or debit cards.
Or a CashApp card, because if anyone hacks in there,that money is gone.
Amazon allows anyone to store your hard-earned money 🤑,as being on top of your budget.
I've always done it that way many times before. I only purchase those pre-paid Amazon cards available wherever they're sold.
Like at a Family Dollar. But it had happened to me.
Now I have to write a snail, doing it the old-fashioned way, because it wasn't my fault.
Hackers can steal ANYONE'S information,no matter how secure any password is.
How sophisticated any PC is. Computer software and hardware.
How anyone can not use multi factor authentication these days is beyond me.
Just cumbersome when you have many internet accounts.
Don't do two factor authorization where they send it to your phone though because if your phone is stolen - you're up sheets creek.
@@MissEAG No you won't. Because if your phone is stolen, you aren't making any orders. Verification is only good for a few minutes anyway.
if you use your cellular phone number as a second factor, it is actually worse in the event of SIM swap.
@@MissEAG Gotta enable find phone and lock your phone. Many people don't do this
Amazon has never asked to confirm a purchase before I've been shopping since 2018
Smh
I know, right. For all we know,YT could be spying for THEM right now.
To steal our hard-earned money 🤑, identity,and your Amazon account or accounts. All done by what's called credential stuffing.
Google it,and find out what it means. You'd be surprised and pretty shocked.
Amazon has been pretty god for me up to now. An on line account anywhere is always in danger.
Don't do two factor authorization wherer they send it to your phone though because if your phone is stolen - you're up sheets creek.
Correct. SMS as 2FA. Should only be used if you have no other alternative.
FIDO Keys.
TOTP aka OTP
In my 'non-professional' opinion: Email. If your email account is locked down. With decent email provider. It is difficult if not impossible to bypass the 2FA.
Tangent comment. A lot of people have weak security on their phone service provider accounts.
My 'non-professional' opinion. Speaking based off my non-professional experience and research. Start compartmentalizing your emails.
- Nothing important should be tied to email tied to any ecosystem. For example. Your telecommunications, social media, and financials. Should not be tied to your Gmail or apple emails. You know. The email accounts that 'directly' tied to the ecosystem of the device.
Using google as an example. You should have a google account. That you use for your mobile devices. If at all possible.
In my 'direct life experience'. One of the most foolish things I see people consistently do. Is store usernames, passwords, PINs, etc. On their device notepad apps. Very well organized. Yet even though I have told many of them this countless times over the years. To use a password manager. There are plenty of Opensource, Free, and Retail options.
- Never use a password manager tied to an ecosystem.
- Never use biometrics to access anything. Why people think this is secure? It is actually the worst option; especially as a single-factor.
Had the same thing happen to me only the people tried to order computer and I'm broke and don't have money so they couldn't do anything in Amazon caught on to it
*Don't use a password manager because they get hacked* keep passwords on an encrypted flashdrive
I keep passwords on a sheet of paper. I dare someone to hack that. Good luck reading my writing, better bring your magnifying glass.
@@smc5429 hahaha very good.
A good password is a hint of something sometime somewhere long ago . What was of brand of underwear I wore in 1960
@@vmobile890 Yeah can't hack Hanes Underwear LOL
This is a good idea. Now I have to learn how to encrypt a flash drive.
Also, what kind of text file would be good to use? MS Word, .txt? I'm thinking a pdf file wouldn't be good since a web browser can be used to read it.
NO debit cards when shopping online!
A PASSWORD MANAGER?
Isn't that a program from a third party that stores your passwords online for you,
so that hackers can access all your passwords in one place, and sell them for profit?
Unfortunately,yes. The irony of all this technology that we use,is that the more computer software and hardware we use(?),the better Big Brother can keep tabs on us.
Source : Enemy of the State. (movie) Classic. "The more technology we use,the easier it is for them to keep tabs on us.
It's a brave new world 🌍 out there.
At least it better be." Actor Gene Hackman (how ironic,huh?) as "Brill". Or real fictional character name: Edward Lyle.
Google: What is credential stuffing (you don't have to add the question mark when you enter it. Your query on Google.)
Second question (that I had Googled) : What is an example of credential stuffing.
Third question (that I had Googled) : What is the best solution to credential stuffing.
Very short answer : Multi -Factor Authentication.
Fourth question (that I had Googled) : Is credential stuffing DDoS?
You'll be shocked senseless!
Amazon suggests re-entering card for payment? Why? I removed mine from my Amazon account. No reason to keep it saved there so criminals can shop using my card.
Credential stuffing: brute force password cracking. They just keep guessing til they got it.
Unless of course the account gets locked after a certain number of failed attempts.
@@CrabbyOldLadyTHAT'S a bummer. Absolutely insane, just because SOME low life hacker just got to have an ego boost.
MOST legit companies DO NOT contact the customer, amazon is one of them. And NEVER use your debit card!!!! To much access to your $$$.
Linking a debit card to anything online is ludicrous. The only time I ever use my bank debit card is in my bank atm and almost always inside the bank rather than on the outside.
Whatever is the point of debit card? I don't get it,
You can get a teller card rather than a debit card if you ask for it.
Passwords aren't inherently weak. Implementation by the web service is. Blows my mind multi-billion dollar companies still can't get routine authentication right.
you can spend a trillion or quadrillion on technology... idiots will still fall for a simple social engineering trick. Sure in the case of rockyou2024 it has nothing to do with tricking users.
Already got my alert, thankfully NONE of my passwords re text only. I use numbers, letters, and characters. My husband and I also use numbers or letters switched. Like 8 for a B or E for the number 3. Remember just be creative.
I have made a few purchases through Amazon. Thing is almost every time a few days later my bank calls me and asks if I made a purchase at some place. No I haven’t. Which makes me think someone is skimming information that works at Amazon. So just beware people.
Wow! Amazon can actually DO that?? And I thought that Amazon was simply one of those MAGA FX companies that are out there.
The supporters of the corporate and conglomerate thin green liners WANT anyone to believe that they are excellent in customer service!
(with heavy sarcasm here).
M stands for Microsoft. A stands for either Apple or Amazon. G stands for Google. A stands for,once again, either Amazon or Apple.
F stands for Facebook. X is what was formerly known as Twitter.
Source : Rob Braxman Tech available on TH-cam. And in another social media outlet or network.
And people want to implant chips into their brains...
There was an Outer Limits episode from back in the 90s that was about that, although I can't remember if hacking was involved, but there was some sort of problem with the chip-- and just about everyone had one.
This stuff is why I buy a Amazon card for the amount of my purchases or as close to it as I can. That leaves them not much to steal.
Damn right! 👍 Absolutely 💯. That's what I always had been doing. That's how I've always been doing business with a MAGA FX company, that's actually a major, multi million dollar corporation.
I, myself don't use credit or debit cards, because if someone obtains that credit or debit card information, your chances of getting your money back are fifty-fifty at best.
You're much better off with using just about any credit card that's acceptable by Amazon.
IF you can afford it. I can't, because (I'm not ashamed to say this...) I can't afford it.
And it's not worth it. Of anyone having to deal with that type of situation.
Having to deal with a headache that cannot be quick, effective,and efficient. Because in most cases, it's rarely that easy.
I've been doing business online by having the Amazon app already installed on my smartphone.
Then I can purchase of what I can afford. Usually I get to practically have a budget online, without having me to have some payment plan from Amazon.
Or me being required to have some credit card in their corporate name. I've never had one,but I can only imagine how much difficult it can really be.
So I don't even bother dealing with that.
I've been doing business with Amazon for eight, almost nine months, until something like THIS happens.
A major data breach. It had happened to me. And using public wifi or a WiFi hotspot that's not by a VPN,can make you vulnerable to phishing, malware adware,and spamware.
Google what is credential stuffing on its website,and it'll tell you.
Also Google of a question. "What's is an example of credential stuffing?"
Question two: "What is the best solution to credential stuffing?"
Very short answer: Multi -Factor Authentication.
Third question : "What the difference between credential stuffing and password spraying?"
Fourth question: (that's Googled) : "Is credential stuffing DDoS? "
You'll be shocked.
Its not a data breach. It's a password file.
Then.... they advise you to give all your new passwords to a "Data Manager", hello.....you're still giving your information to someone else! Don't so it! Just be old fashioned, change all your passwords, make them tough, and write them down on a piece of paper and stick it in your wallet! Or better yet, your BIBLE! No one will ever find it there.😂
Thank you .
*Hello* Few days back I bought an iphone 13 pro on Amazon and my account was temporarily disabled, my order didn't came through, I heard a debit from my bank account and tried getting in contact with customer service but the weren't of help either....
*Werner Code's* handle cases like this in terms of disabled accounts and also helping you recover your money even without customer service.
*He's a super genius at what he does and I will recommend him to anyone.
*He's on Instagram
*Make sure you contact him for help, because he was the only solution to my problem🥳
So what is "credential stuffing?" It's in the title but not explained.
Credential stuffing is the type of cyberattack in which the attacker collects stolen account credentials, typically consisting of lists of usernames or email addresses and the corresponding passwords.
Question that I had also Googled is : What is an example of what credential stuffing might look like ? It could start with one of your account logins being leaked on the dark web. A cybercriminal buys the data and uses bots to test other possible accounts.
One of the attempts is successful,and now the hacker has access to your other accounts too.
ANOTHER QUESTION that I Googled:
What is the best solution to credential stuffing?
Short answer: Multi -Factor Authentication (MFA).
Yet, ANOTHER QUESTION. . : What is the difference between creditial stuffing and password spraying?
Answer: With creditial stuffing,the cybercriminal already has a vertified set of login credentials that can be used to gain access to multiple accounts for one user.
Password spraying does not have a set of login credentials,and has to guess them by matching up commonly used passwords with a list of usernames.
Yet, another ANNOYING question that I had Googled : Q: Is credential stuffing DDoS?
@@Jerry-o3p Thanks for the information! The answer to your last question, if you google it exactly as written, is "No, credential stuffing is not a Distributed Denial of Service (DDoS) attack ...
Goal ... A DDoS attack's goal is to disrupt a service by overwhelming it with traffic, while credential stuffing's goal is to gain access to accounts.
Method ... A DDoS attack sends a large amount of traffic to a service, while credential stuffing uses lists of stolen credentials to try to log in to multiple accounts.
However, there is a connection between credential stuffing and DDoS attacks:
Performance problems ... Both credential stuffing and DDoS attacks can cause performance problems, such as slow or unavailable online applications.
Credential stuffing disguised as DDoS ... Cybercriminals can make it appear as if a website is under a DDoS attack while they're actually trying to gain access to accounts.
@@Jerry-o3p I just commented, answering your question and thanked you for the info, but it was deleted for some reason. I just googled your question exactly like you asked it, and all this info came up about it.
@@Jerry-o3p Can;t answer as my comments are getting deleted, and I'm not breaking any rules or anything. Sorry!
Great job to the cyber security…. Thanks ….
I’m getting emails of someone using my PayPal account on eBay and other places how can you protect yourself?
Yikes your card info off until you need it. Let PayPal know.
@@dw3403 thank you
Those emails may not be legit. They might be part of a scam. Make sure you aren't responding to them - instead, check your paypal account or directly with your bank to see if there have been any fraudulent charges made.
So companies who collect personal information can just keep selling it?" ...
This literally just happened to me. It sucks really bad I feel like it's happening to alot of people now that i research it a lil.
4 hours lucky him! I've been dealing with this 3 months and how to contact the Attorney General
My packages were stolen… a laptop please investigate 🙏
That's what I don't like about Amazon. As with any MAGA FX company that's actually a corporation,there are pros and there are cons.
The pros : (I know this won't help much,but here I go. My Amazon account had gotten hacked. And I don't even USE a bank credit or debit card! Yikes!)
The advantages are it's insanely, unbelievably fast. (please don't ask me why,or HOW they actually do it. It's probably never easy....)
It's usually dependable when it reaches its destination. And it's SO convenient.
The CONS? If a Amazon package is stolen by some porch pirate, (i.e. a thief) then according to Amazon's Terms and Conditions,you usually cannot get a replacement,a refund; because whenever Amazon delivers their package or packages that you've already PAID for, they're not reliable for them.
It'd be a pain in the butt trying to clean up that mess, because they always take a pic or pictures whenever they DO get there.
And if you have a smartphone, and have available data,and/or WiFi,you can be able to track where that package went.
By its tracking number. Odds are a hit&/miss ratio that you'll see your package again and be able to get a refund.
Or an exchange. But...... I don't know. Because where I live; it's at a Section 8 housing complex.
Or apartment development area. Meaning that if I live in a financially low income area, there's a good chance that all-important package 📦 can easily get stolen.
And its leasing office isn't always available,even in normal business hours, either.
That's why I ALWAYS use those pre-paid Amazon cards. I never use credit or debit cards.
That way, your chances of having your identity stolen or compromised is slim.
Or a reduced chance of your information being stolen by cybercriminals.
Have a plan. Have those packages from Amazon being delivered to another address.
You think so ,really . This country has been hacked since the HAL 2000 was revealed
Amazon forces me to keep a creit card on file because they charge me for prime every month
Inside jobs.
Dumbest comment I’ve ever read
What a shame.
Shopping Amazon isn’t safe?
No, it's not completely safe if you rely on a public WiFi network anywhere that's public.
Public transportation is one place you DON'T ever want to be online without a VPN.
Any public library is suspectable to anyone becoming a victim of any major data breach.
That's nationwide. There's no escape from any hacker who's sophisticated enough to be determined to steal your hard-earned money, identity,and your Amazon account information,even if you don't use credit and/or debit cards!
OR use those pre-paid Amazon cards. That's how I got ripped off. Only lost thirty dollars that had been stored in my previous non hacked Amazon account.
It F-ING sucks. I know. Those perpetrators WILL eventually get caught. It's only a matter of time.
I DO NOT feel sorry for them.
Amazon's one of those MAGA FX companies that are powerful in their own computer domain.
Supporters of Big Brother? No,not exactly. It's more like them being advocates of Big Tech.
A multi million dollar corporation that's powerful enough to be in a Fortune 500 company.
A multi million dollar corporation that's what its CEO probably thinks that he's powerful enough to do whatever he wants.
To treat his own business and his employees and employers alike,any way he wants to.
Smh. It's sad and a shame that there are better opportunities that are out there that treat their employees and their employers alike a lot more fairer than Amazon ever will.
Their CEO wants their business like Walmart gets Mom-and-Pop shops out of business.
Those who are one,two, or probably three steps ahead of him; Amazon; if they're more than just smart, won't do it.
Mr. Jeff Bezos should seriously be ashamed of himself.
3200 dollars taken and amazon didn't do any thing and neither did boa
Goddamn... 😔. That's a damn shame. Sounds like me trying to get my money back from me purchasing those prepaid Google cards.
You might need a damn good lawyer.
@@Jerry-o3p that is what i doing next
I took my credit card info off Amazon last month.
Good for you 😁! You're smart. Try using those pre-paid gift cards that's by Visa. Or Mastercard.
Available at any Family Dollar. Dollar General. Walmart. Walgreens. CVS PHARMACY. Petsco.
Your local grocery store or grocery supermarket.
At Barnes and Noble.
Go very slow. If there's a problem,if you fall victim to a major data breach,such as now,you can easily have that pre-paid gift card,and whatever you do........do NOT throw it away!
Keep the outer package that comes with it,if possible. It comes in increments. You set your own limit of what YOU want.
That way if anything or any low-life hacker tries to get your money,AND deletes your Amazon account information, like I did, there's plenty of recourse.
That means you'll be able to get your money back.
I don't even use credit or debit cards! I just used those pre-paid Amazon cards available wherever they're sold.
Like at a Family Dollar. Dollar General. Walmart. Walgreens. CVS PHARMACY. Your local grocery supermarket.
At some Barnes and Noble bookstore.
All my Gmail account of whatever was in there,of the previous Amazon account that I once had,is gone too.
There's a MAJOR data breach nationwide across America!
STAY AWAY FROM AMAZON for the time being, until it's all over.
If your credit cards are compromised, PLEASE file a police report.
Or several police reports. Call your credit card bureaus,your 🏦,and warn everyone.
Shop online safe.
FYI : Don't,as in do NOT ever give out that pre-paid gift card by Visa or Mastercard to any Amazon rep!
Makes you want to go all in on the digital dollar-NOT!
Sounds like trying to invest in cryptocurrency. Which is really a Ponzi scheme.
I dont use credit cards.
I buy a giftccard forcexaft amount needed.
Rotten ! Another reason to NOT buy from amazon !
Someone takes your laptop and this is how you cover up?
WHT IS CREDENTIAL STUFFING??
I had Googled it for you. It says : (Survey SAYS! - ding! - ding, ding!)
Credential stuffing is a type of cyberattack in which the attacker collects stolen account credentials,typically consisting of lists of usernames or email addresses. And the corresponding passwords.
That answer your question?
Also Google : What is an example of credential stuffing
Second question (that I had Googled: ) : What is the solution to credential stuffing
Very short answer : Multi -Factor Authentication.
Third question (that I had Googled) : What is the difference between creditial stuffing and password spraying
Fifth question (that I had Googled): Is credential stuffing DDoS?
Answer : (from Google) : Credential stuffing disguised as DDoS is a sophisticated cyberattack strategy where cybercriminals make it appear as if a website is under a DDoS attack, while they're actually trying to gain unauthorized access to multiple accounts by testing stolen credentials.
Lousy work. You really should do a better job for your audience. Start with the who, what, when, and where.
Look up and Google "What is credential stuffing".
I had my Amazon account closed because I got my account ban for life
Best Sassy Realistic Advice, stop shopping online and start shopping in person.,
Furthermore, I guess the saying is true, although online shopping tends to be very affordable aka cheap at the end, it becomes a costly financial loss experience.,
Shop in person great advise what’s the local stores name with everything Amazon sells ?
My account from amazon was hacked, from someone in mexico
How in the world 🌍 DID that happen?? I had been using those pre-paid Amazon cards. I don't even use credit or debit cards!
Google: "What is credential stuffing" ....
And it'll tell you.
So much for 2 factor authentication!!
The ignorant talking heads at komo has no idea what credential stuffing is, but know to use it as a youtube title to maximize clicks. Nothing was said about what credential stuffing is, including the supposedly security expert interviewed. Most likely the expert explained it and gave the right recommendation, but was deemed too complex and hence edited out for this video clip. This is why I have such low expectation of the US news media in general, and they continue to prove I am right.
NEVER USE A PASSWORD MANAGER
USE YOUR BRAIN
Just happened to me
These for those people , who just buy everything online. & put their details here their even QR scanning is a bug scam too. Soo just take care, & buy wat is necessary.
What? 😳
Journalism these days...
I this happened to me this few days ago someone try 2 laptops
*Hello* Few days back I bought an iphone 13 pro on Amazon and my account was temporarily disabled, my order didn't came through, I heard a debit from my bank account and tried getting in contact with customer service but the weren't of help either....
*Werner Code's* handle cases like this in terms of disabled accounts and also helping you recover your money even without customer service.
*He's a super genius at what he does and I will recommend him to anyone.
*He's on Instagram
*Make sure you contact him for help, because he was the only solution to my problem🥳
The old Amazon scam!
It's not a scam it's a security breach that the hackers are getting into.
I go one step further, i use a reliable prepaid card, and if i want to make a purchase i go to the place i can put money on it with cash and then order my items, all the money is gone then and if someone gets into my account they would have to pay for their own stuff, lol.
Yeah. That's one way of overcoming that obstacle in so many cases in many situations available.
That is,IF Amazon accepts it. But a lot of those cards, often don't accept them as reliable valid form of payment.
I've always thought of that,too, but,it doesn't work. It may work for a couple of times,but after that, it's useless.
What is credential stuffing? Google what it says of the answer.
I can simply give you one. Here it is : A credential stuffing is a type of cyberattack in which the attacker collects stolen account - or accounts - credentials, typically consisting of lists of usernames or email addresses and the corresponding passwords.
Second question : What is an example of credential stuffing....
An example of credential stuffing might look like could start with one of your account logins being leaked on the dark web.
(that's scary. )
An cybercriminal buys the data and uses bots to test other possible accounts. One of the attempts is successful, and now the hacker has access to your other accounts too.
Third question: (being Googled) : What is the best solution to credential stuffing....
Very short answer: Multi -Factor Authentication. (MFA).
Fourth question: what the difference between credential stuffing and password spraying....
Fifth question: (that I had Googled) : Is credential stuffing DDoS?
If just about any hacker can do all this, because they are notorious for them doing that,then NO Amazon account is safe.
It has happened to me,and believe it or not, I don't even use bank credit or debit cards!
Only those pre-paid Amazon cards available wherever they're sold. Like Family Dollar. Walmart. Walgreens. Dollar General. Barnes and Noble. Wherever they are sold.
And I tried signing in to create a new account,but it doesn't work.
It'd say "Internal error occurred. Please try again later."
What does THAT tell you. I'd stay away from it for a while,then write to their company.
Amazon's currently under a major data breach. And they may not even know it. Or seem to care.
And it may not be the only one.
Buyer BEWARE!
Their CEO probably wouldn't care, but as far me having faith in me being their customer of Amazon?
Forget it.😔.
Well? Cancel this Amazon crap , get off your ass, go to a store!!! Of course common sense won't work!!😅😅😅😅😅😅😅
*Hello* Few days back I bought an iphone 13 pro on Amazon and my account was temporarily disabled, my order didn't came through, I heard a debit from my bank account and tried getting in contact with customer service but the weren't of help either....
*Werner Code's* handle cases like this in terms of disabled accounts and also helping you recover your money even without customer service.
*He's a super genius at what he does and I will recommend him to anyone.
*He's on Instagram
*Make sure you contact him for help, because he was the only solution to my problem🥳
Ohhhhhh nooooooo not Amazon
Lock your debit and credit cards. So easy.
Except that it's not. If it were that easy, EVERYONE would be doing it.
Except that it isn't.
ohhhhh nice try TH-cam.
When are people going to learn do not use debit cards they are junk you don't have the same protection as a credit card
That's right. Usually you CAN have much better chances in having protection from most cyber attacks online,but it's not foolproof.
I'f any better than just being smart, intelligent, and ordinary hacker can use credential stuffing, which is the type of cyberattack in which the attacker collects stolen account,or accounts, credentials, typically consisting of lists of usernames or email addresses and the corresponding passwords. Then NO Amazon account is safe.
Never underestimate ANY hacker online! Report it to the local authorities.
Your police department/sheriff's department. Then your bank. Credit card company.
Get a police report. As many copies as you can get. (Unfortunately,you have to pay something cents per page of just one copy,at the police station. )
Google: What is an example of credential stuffing.
Google says : "An example of what credential stuffing might look like (here it is) , could start with one of your account logins being leaked on the dark web.
A cybercriminal buys the data and uses bots to test other possible accounts. One of the attempts is successful,and now the hacker has access to your other accounts too.
Another question (that I had Googled ) : Q.: What is the best solution to credential stuffing?
Very short answer : Multi -Factor Authentication.
Third question (that I had Googled) : Q.: What is the difference between creditial stuffing and password spraying.
(You don't have to add the question mark,when typing it in. )
Fourth question (that I also Googled) : Is credential stuffing DDoS?
You'd be surprised. And absolutely shocked.
Imagine the government actually doing their job and protecting people rather than all the other nonsense they keep busy with.
Cia at it again
Nope. It's the corporations and conglomerates who are supporters of the thin green line.
Nice try, TH-cam..
I called amazon just to ask a question. The guy says you need to start an account & put in your payment method; I'll hold while you do that. I hung up. I've never done business with amazon, and never will.
It's called social engineering. That's one of the ways Amazon can easily steal our hard-earned money 🤑, identity,and your Amazon account or accounts.
And they want to push all this AI.
simply stop purchasing anything on line
I purchase everything on line..
There are skimmers in real life too
Hope you don't live in a small town with barely any retail. Or don't want or need anything like airline tickets that can't be purchased in person.
@@reginabillottiagreed, except you can definitely buy tickets in person at any airport.
@@fdavidmiller2
Yes, but it's a lot more cost effective to buy in advance whenever possible. And for me, it's too long of a drive to the nearest major airport to make a trip just to get tickets. So yeah, maybe "can't" was a little oversimplification, but it's basically true.
Dont put your cards on file idiots.
I have been
That's what you get for feeding the Beast I've never ordered anything from Amazon
It's not just Amazon this is happening on.
Why would anyone obtain a debit card? Any credit card will do the same and won't be misused. What is the point of the debit card?
I never keep any payment information on any site. I always keep my cards locked as well as my credit cards. Paying for password encryption is worth the money.
Ah. But even with the best computer software and hardware that money can buy (no, it's not cheap..) ,no matter how sophisticated it may be,and no matter what anyone thinks of what anyone that can Google "What is credential stuffing" .
It'll tell you.
Second question: " What is an example of credential stuffing".
Third question: "What is the solution to credential stuffing"...
Very short answer : Multi -Factor Authentication.
Fourth question: (that just about anyone can Google). : "What is the difference between credential stuffing and password spraying"...
Fifth question: Is credential stuffing DDoS?
Survey SAAAAYYYYSSS !! (good-naturedly).
Credential stuffing disguised as DDoS is a sophisticated cyberattack strategy where cybercriminals make it appear as if a website is under a DDoS attack, while they're actually trying to gain unauthorized access to accounts by testing stolen credentials.
Storing your passwords is how hackers get them, so just enter them manually every time.
Don’t leave a payment method in Amazon. Use it then delete it right away after the purchase has been completed.
Can’t get hacked if you go to an actual store and buy it with cash. You’ll receive it faster then next day shipping too. Heaven forbid you use your legs tho.
EXACTLY very well said👍👍👍
If there is a store that sells the product you want, that is. That won't always be the case. And some things you can't buy from a store (e.g. airline tickets).
Besides, cash is not always perfect. You can be mugged. You can also fall victim to phony credit card readers at ATMs. (Look up "card skimmers" to learn about this)
ok boomer
Unfortunately we don’t live in the 70’s anymore
@@BobbillyjrboyThat's SO very true. That's what killed the indoor malls in America we once had.
What good is a complex password when the passwords were exposed?
I've got three words for you,my dear friend. : Rob Braxman Tech. Available on TH-cam.
Cyber cat and mouse game continues.
Like the most computer software and hardware sophisticated state-of-the-art complex complicated programs out there.
Go ahead and Google "What is credential stuffing".
Second question: " What is an example of credential stuffing"....
Answer that I had Googled : "An example of credential stuffing might look like could start with one of your account - (or accounts) - logins being leaked on the dark web.
A cybercriminal buys the data and uses bots to test other possible accounts. One of the attempts is successful,and now the hacker has access to your other accounts too.
(That's scary. 😱))
Question: (that I had Googled) : "What is the best solution to credential stuffing "....
Very short answer : Multi -Factor Authentication.
Sort of la long answer : Requiring uses to authenticate with something they have in addition to something they know is the best defense against credential stuffing.
Attacker bots will not be able to provide a physical authentication method,such as a mobile phone or access token.
(Wow. That's important. I didn't know that.)
Question: (that I had Googled) : What is the difference between creditial stuffing and password spraying "....
With credential stuffing the cybercriminal already has a vertified set of login credentials that can be used to gain access to multiple accounts for one user.
Password spraying does not have a set of login credentials and has to guess them by matching up commonly used passwords with a list of usernames.
(THAT'S a mouthful. ) All because of some low life hacker or hackers with major egos and being knowledgeable....for the wrong reasons. )
Question (that I had Googled) : "Is credential stuffing DDoS?"
Answer : Credential stuffing is disguised as DDoS is a sophisticated cyberattack strategy where cybercriminals make it appear as if a website is under a DDoS attack. While they're actually trying to gain unauthorized access to accounts by testing stolen credentials.
(Goddamn!😮)
The best solution there is....the ultimate fighter in combating just about any cyberattacks and compromised cyber security.
I've got three words for you, friend :
Rob Braxman Tech. Available on TH-cam.