Amazon stands for huge selection, fair prices and good service. This is where you go shopping when everything should be as smooth, fast and easy as possible. But with the popularity of Amazon, the security risks are also growing. More and more hackers try to crack buyer accounts and then go on a shopping spree at someone else’s expense. If your Amazon account has been hacked, you need to act quickly. Start by following these steps.

Step 1: Change your Amazon password

If you believe your Amazon account has been hacked, the first thing you should do is to immediately log in to your Amazon account and change your password. To do this, click on Account and Lists, Your Account, and then on Login and Security at the top of the page.

To the right of “Password” click on Edit. Then enter the old password in the uppermost field and the new one in the fields below. Your new password should consist of a unique combination of numbers, letters and special characters, and it’s best if you don’t use terms that are in a dictionary. It’s important you create an entirely new password and switch your Amazon account password to one that you use for other services such as Facebook, Twitter or Instagram. Finally, click Save Changes.

There’s one more step here: make sure to change the password of the email account associated with your Amazon account as well. This is important because it’s possible that hackers may have used it to obtain the access data for your Amazon account. How this works depends on your e-mail provider. If you are a Gmail user, check out this blog article about how to tell if your account was hacked.

One way to make sure you are always using unhackable passwords is to use a password manager. Either installed as a browser extension or a separate app, a password manager will create strong, unique passwords for you and safely store them for convenient access.

Step 2: Review your account information

Next, check if your Amazon account has been tampered with. You can do this by going back into Account and Lists and Your Account. For example, check the stored payment methods (“Your Payments”), billing and shipping addresses (“Your Addresses”), phone numbers and email addresses (“Login and Security”). If you discover any changes, log them using screenshots and then correct them.

If you haven’t done so already, at this point you should contact Amazon directly and report that your account has been hacked. You can call the Amazon customer service hotline for further assistance and to help monitor your account.

Sign up for our blog newsletterSubscribe now

Step 3: Check all orders

Next, take a look at your Amazon order history and make sure that all purchases were made by you alone. To do this, click on Account and Lists and Your Orders. Go through the orders of the last weeks in detail. Also look at Open Orders and Cancelled Orders. You should also review the Archived Orders activity found under Your Account and then Order and Shopping Settings. Hackers like to hide their fraudulent orders here.

Step 4: Activate two-step verification

Enabling two-step verification (2SV) makes it hard for hackers to access your account. That’s because Amazon will request an additional security code if someone tries to log in with an unknown computer, smartphone or tablet. While you’re still logged in, go to Your Account, then Login and Security, and click on Edit next to Two-Step Verification (2SV) Settings. Then follow the instructions.

Step 5: Remove stored payment data

If hackers have captured your Amazon access data, you can use it to shop not only at Amazon, but also in thousands of other online shops. The Amazon Pay payment system makes it possible. If you suspect that your Amazon account has been hacked, you should first remove all accounts and credit cards under Your Account and Your Payments. In addition, check your account statements very carefully for any unusual activity or payments.

We’ve got even more tips on how to shop online safely in this blog post.