So around 8:30PM last night I get an email confirmation from Amazon saying that I have placed an order for an brand new unlocked Iphone 4s. The total is around $620, and it is being bought from one of those small private shops on Amazon. But the thing is I never placed the order and no one else has access to my account that I know of. So I thus logged into my account and was able to cancel the whole thing since it was still in the processing phase. The billing and address for delivery was my actual local address in town. Since I have Amazon Prime, the delivery was set for next day. So my question is what type of scam/fraud is this person running? Was the fraudster planning on scoping out my house when the parcel arrived today and just stealing it off my front porch? Or is there some other way the scammer could actually get the Iphone he/she ordered via my account even though it was supposed to be delivered to my actual address. A little bit confused here. Thanks.
Did you maybe log into your account somewhere and forget to log off? Maybe Amazon on your phone or tablet that you left out and someone is just messing with you?
Did you log into your Amazon account directly, or through a link in the email? If it is a link in the email, I would suspect a phishing attack, and you just gave them your login and password on a site made to look like Amazon's site.
With phishing scams and after luring him to log in at a fake site, they can have a bunch more information.
They did it because they are the seller. You will get the phone but they will get the profit since they sold it to you.
review all your accounts carefully and notify your bank of any suspicious transactions and let them know that your identity may have been stolen.. notify one of the credit bureaus and put a fraud alert on your credit report now!!
I'm pretty sure I didn't click on a fake Amazon phishing email. I'm pretty vigilant about those things. Also I don't login to any accounts on my mobile phone. So I wouldn't have left anything logged on for others to access. The only thing I can think of at this point is that a month or so ago, I heard some of the private torrent sites (RevolutionTT) got hacked and passwords were stolen. I use the same password on RevolutionTT as I do on Amazon. So that is the only thing I can think of. Still doesn't explain as to why someone would have the goods shipped to my own house. Thanks everybody for the advice thus far.
You can always log on amazon and check your history. If you don't see it, you clicked on the phishing link. Bottom line... change all your accounts that share that same password.
Maybe someone just really want you to have an Iphone 4s. Or could it be that you were intoxicated one night and subconsciously bought an I-fen?
Delete your paying method that's saved into your account? I had a similar thing happen to a friend of mines. Someone got his Amazon account info and ordered thousands of dollars worth of stuff and had it shipped to some other state. Ever since, I always made sure my billing info is never saved on any websites.
Hey Mr. Brightside, Sounds like you did not fall for a phishing attack. They are not very impressive from a technical security standpoint, so I'd tend to believe you if you say you didn't fall for one. The information scare you are getting in this thread is inaccurate. Of course there are very stealthy ways to attack sites (such as reflected XSS), but if Amazon has such a vulnerability, we would all know and you wouldn't be the only one posting this. Besides, even such devious things require you to be logged onto Amazon at the same time you click on a nefarious email or go to an evil site. Plus old browser could have an exploit, too. But none of this makes sense, since they shipped it to your house. Do a virus sweep of you machine, and update your current browser to latest patches. Again, even if the virus sweep turns up something, an attacker wouldn't ship to your house. To me, unless you were drunk shopping one night (j/k), or a friend/gf is playing a trick on you by getting on your machine, I would think you could also be a victim to more old school/less technical fraud. I'm thinking a felonious fedex or UPS carrier. I'd report to Amazon, my credit card company and find out who was supposed to deliver that package.
If its not your wife, someone cracked your pw O would at least add a letter or symbol to your password. Next time,, your email and atty will be changed...