I had a similar experience quite some time ago. Somehow small AWS charges were appearing on my credit card--on the order of around a dollar. I called Amazon and asked them where the charges were coming from and they wouldn't tell me. I had no personal AWS account nor had I ever used the card with AWS. They refused to provide me any level of assistance. It was very frustrating. This meant every month my wife had to request a chargeback through the credit card company.
This doesn't always work. I had a similar problem with Chase, and the charges kept appearing on the new card. Chase explained to me that the charges can follow the person, not the specific card number.
This can happen sometimes if you get a new credit card number (but the same account). If you have a reoccurring purchase, like a subscription, the billing was already authorized, so the new charge is automatically applied to the new card number.
If you get a completely new account, that can't happen. I'm not sure what happens if you get a new card from the same company (like getting a brand new Chase account). I'd guess it would depend on their backend as to if new charges followed you.
It works like this. Chase is trying to be helpful so let's say you set up your utility bill to go through their credit card. Now, you get a new card with Chase because you lost it. Chase can see that the old number and new number are both attached to your account history and the charge from the utility company has the same utility account number so they happily approve it for you so you don't have to change your utility billing. It isn't such an awful feature except in this case where you want it stopped. This is one argument for not using credit cards for recurring online bills and ACH instead. Most people love the rewards though.
We need better online payments options that prevent these scams. It would be nice to have the ability to whitelist and blacklist online vendors.
Other people have told you how this "account update" process works so I'll skip that.
I just went through this with Citi/Mastercard.
I'm not sure if other companies do this, but I was able to opt out of this "account update" feature to hopefully stop a Comcast charge from going through to my new card number. I'll find out on Dec 10 if it works, but the customer rep I spoke to says it should. It basically cancels that feature so that I now have to manually go through every merchant and update them to my new credit card.
I can understand this is your deep, gut reaction - "sue them!", but have you ever been to small claims court? Are you aware that most ToS define the resolution mechanism which includes the jurisdiction?
Isn't up to the company to send a representative and point out the ToS to the judge? Just because the ToS says that doesn't mean the end user can't file.
It's a feature they provide to be helpful to their customers. Absent any info from you about needing to stop it why would they not do it, it's there to make losing a card much less painful than it used to be.
That's an awful lot of work just because Amazon can't charge the right account.
It also doesn't necessarily solve the problem. The charges could accumulate in their systems until Amazon hands them to a debt collector, or the bank might helpfully transfer them to the new card anyway.
It is theft, but it's not amazon stealing it, it's somebody else. Amazon knows there is somebody scamming them, but, here's the kicker, they don't know if it's the caller complaining or the person placing the order.
The best thing to do is exactly what they said, file a chargeback and eventually Amazon can take action.
You'll notice the person running the website never cooperated with answering Amazon's questions, it's no wonder they didn't work with her. If you don't want to work with the merchant, then contact the credit card company. Not hard to figure out.
At a minimum Amazon should have to help clearing up the issue. I guess some entities are above the rules most of us have to live by. Same with hospitals that can repeatedly charge bogus items without any consequences.
Just because they won't tell your they're looking into it (because they don't know you or you're not authorized to discuss someone else's account) doesn't mean they're not taking action behind the scenes.
It's not their job to secure your card outside of their own system. Assuming these cards aren't stolen from within Amazon's own servers, it's up to you and your credit card to protect it from unauthorized use.
Yet there's this alternate universe where there are laws against facilitating a crime, receiving stolen property, etc. I'm not saying that sort of thing applies to Amazon, just saying isn't it weird that it doesn't?
A traditional method used was to send two very small random payments, say 0.03 and 0.09 to the card in question, then ask the caller to confirm the payment details, how much etc, once they'd arrived. If they could provide these details that is pretty much as far as they can go in terms of verification.
And if the card has two authorized users, with the second person making purchases the first one doesn't know about? How is that at all Amazon's problem?
The trick is balancing account privacy with fraud prevention. Without being the account owner or having any real relationship with Amazon OP has a hard task of proving who they are and generally you wouldn't want Amazon sharing any account information with non account owners.
I think the real solution would be for them to just provide an auth mechanism for people to prove they are the CC owner so they can remove the payment method from any accounts and not give out any info on the name or email on the account. I've seen a few things that use a small charge that gets refunded and you enter it back in the app as a 2FA.
This has happened to me on a corporate level as well. We had many teams that opened their own AWS accounts with a shared credit card. They wouldn't tell us what accounts were using the card, even though we simply wanted to migrate things to separate cards.
Useless, unhelpful, and borderline braindead. And yes, we have paid enterprise support.
Sharing CCs across teams is a business antipattern. You should use expense reporting, or switch to invoicing.
Regardless, when I was a consultant we had success with the email admins tracking the signup and/or billing emails, which arrived at the account numbers.
I went through something similar when an ex went wild with my credit cards. You can actually call the credit card company and tell them to block all purchases from a specified merchant. So I had to block all Amazon and Uber purchases.
Just reporting the card lost/stolen doesn't work because these services already verified and seem to come across as recurring transactions that still go through even though the old card has been reported lost and there's a new number.
Are you saying that after Amazon verifies your credit card once, a scammer can keep making purchases on your card after you report it stolen to your credit card company?
This is news to me.
How long can Amazon do that? The end of the day? The end of the month? What eventually stops Amazon from accepting a card which has been reported stolen, and how long does the process take?
But blocking one specific company such as Amazon works faster? Why is that?
I guess at the end of the month, you can dispute the purchases.
It's a feature on credit cards. Merchants in good standing can get updates on your new credit card. This should keep failed transactions to a minimum; for example, your electricity bill won't bounce if you got a new credit card and forgot to update your billing info.
What Amazon should be doing is letting you cancel an Amazon account if you know what credit card information it's using, like the author of this blog tried to do. The flaw is if your credit card info is leaked and someone cancels your Amazon account. But I see that as vastly superior to just having a random unauthorized Amazon account somewhere out there with your leaked credit card info in it making unauthorized purchases.
> What Amazon should be doing is letting you cancel an Amazon account if you know what credit card information it's using, like the author of this blog tried to do.
As you note, this has a flaw:
> The flaw is if your credit card info is leaked and someone cancels your Amazon account. But I see that as vastly superior to just having a random unauthorized Amazon account somewhere out there with your leaked credit card info in it making unauthorized purchases.
I don't see why it needs to be all or nothing. Just remove that credit card from the account, and block it from being added back. That lets you stop someone who has your card on their account, without opening you up to having your Amazon account canceled if someone gets your leaked info and wants to be a jerk.
That solution is still better than what Amazon is currently doing, and I do like it. My reasoning is that an account being accused of fraud shouldn't be left open. But I suppose a fraudster isn't inconvenienced by having to create a new Amazon account and continuing their fraud there.
Ah: "The end game here in many cases is for the seller to be able to pose as a verified purchaser and write a glowing review of their own product". Seems obvious now.
In both of those cases they seem to line up with the theory of unscrupulous resellers wanting to bump fake reviews, but in neither case the victims are financially worse off through fraudulent transactions
This isn't that. In the thread's article the author said someone stole their identity and used their credit card to order these things from an Amazon account they don't control. That isn't what your link describes.
In my experience credit card companies honor charges on the old credit card number with the new card. You’d have to close the credit account and open a new one (or just freeze the card).
I still have a hard time believing this is legal, but I had this confirmed on the phone today.
Of course it also blows my mind it’s legal to use an SSN as a form of id, so maybe I am setting my expectations for corporate america too high (ie off the ground at all).
I did not see this line in the report. Thanks. Still wondering what else can be done. If a credit card reissue doesn't solve the problem, I'd take that up with the issuer immediately.
I just never let online merchants store my card number if I don't really have to. I'm totally okay with having to enter it for every purchase if it means I can avoid stuff like this.
After the Amazon rep said "Amazon: This account has your information in it.", he never just tries to tell Amazon his number to see if that IS what is on the other account. Seems so odd to me. But regardless, as others have mentioned already, why would you not just cancel everything to get it sorted out like any other fraud that would happen?
He says he did cancel his card. I guess you're saying he should cancel his Amazon account? That's a bit of a drastic step, so I can understand not jumping to it immediately.
I've had this happen three times now, all with products I would be very unlikely to buy. After confirming that I was not charged for any of the three instances, I took the path of least resistance and donated the items (none of which were expensive) to a thrift store.
(The speculation I've read is that some manufacturers will buy their own products and send them to random addresses, in order to create fake reviews.)
Heavily reminds me of the episode "Autofac" from television series "Electric Dreams," a major plot device of which is megacorp [in the show, obviously a satirical take on Amazon] delivering unwanted packages to the [apparent] last survivors of post-cataclysmic humanity
Aside: I bet the people who use these avantgarde fonts on their blogs feel so classy, but they make the text so hard to read on mobile, even with text size enlarged. I wish there was an instant "turn all fonts to your favorite font" button on mobile browsers.
At first it was annoying to me as well but then I thought that it is actually quite clever - nowadays people are conditioned to read few sentences and then take a break, tap, scroll,click something. Single article could be too much of cognitive load if this is meant to reach broad audience...
Well, multiple pages was too much for me to bother clicking through, so I stopped reading. It's really annoying, and I hope this doesn't become a thing.
Simple. Do a one-month amazon embargo on yourself, and tell your reception to refuse delivery on any amazon parcel with your name on it. Hopefully Amazons processes will flag the buying account as having a false address.
This is an interesting story, a cyber disfunctional Griffin and Sabine? Are these affiliate links to the strange products author was sent? Is this short format to drive page views of the “stop Amazon” site? Are we being played by the author?
Edit: The about section of the site gives some insight.
reply