A number of Amazon Marketplace third-party sellers recently have been hacked, with the bank deposit information Amazon uses to pay them altered so that hackers could steal in some cases thousands of dollars from the sellers, The Wall Street Journal reports.
A lawyer representing several Amazon sellers told the Journal that more than a dozen of his clients claim to have been hacked, with some of them losing monthly sales up to $100,000. They are in the process of trying to recoup these losses from Amazon.
Marketplace Pulse, which monitors seller activity on e-commerce sites, added that the hacks of dormant third-party seller accounts also have been on the increase, with as many as 20 attacks per day occurring on some days. In these cases, non-existent products are offered at steep discounts in an effort to steal payment information from customers who try to buy them.
Amazon appears to be taking many measures to protect sellers and customers from fraud losses, and is investigating these incidents, but this appears to be a situation in which the Amazon Marketplace hackers have used account information gained from previous hacks of other companies, which in turn suggests some of the affected sellers may not have been using unique passwords for their Amazon accounts. On the so-called "dark web," such identity details can be sold for between $1 and $3 each, according to the Journal report.
So, ultimately, the moral of the story is don't use the same passwords on every site, especially when these passwords are being used in some cases to protect significant financial accounts. Using unique passwords should be the norm now: Many sites now offer two-step verification, which sends a telephone prompt before allowing a login, and while some users may think they don't want to take the time to set this up, consider the alternative.
On the consumer side, shoppers have to be more aware of the possibility that an otherwise popular item given an extreme discount could be a fake sale intended as bait to capture their payment card data.
There are certainly things that both merchants and shoppers can do to be smarter about protecting themselves, but ultimately its does fall to Amazon to make sure these hacking incidents are few and far between. The e-commerce giant has worked hard to grow its marketplace merchant base, and it is now proving to be one of Amazon's biggest strengths, with more than two million sellers in the marketplace responsible for more than half of Amazon's sales. There is also an astounding number of third-party sellers — more than 100,000 — who bring in more than $100,000 annually. Amazon needs to protect them in order to protect its own bottom line.