Amazon’s customer service backdoor

This is a serious case of what I’ve come to suspect in the past few months as well. About 2 months ago I received a fairly sophisticated phishing email designed to steal my Amazon login details. I noticed it right away, but decided to use Incognito Mode to access the URL to snoop around a bit. I didn’t find anything revealing — but I decided to contact support to notify them that I had been targeted for phishing and to ensure that they would not reset my password (despite me having 2FA enabled) via chat or phone support. They outright refused to add a note to my account to refuse a password reset via phone or chat.

Needless to say I was absolutely blown away by the serious lack of security standards when a consumer is coming to them to ensure that their account doesn’t fall victim to social engineering attacks. It’s entirely pathetic.

Show your support

Clapping shows how much you appreciated Zach Queal’s story.