(Technical Post) Security and Protection of Amazon Accounts

Not long ago , UpGuard researchers found that two databases with more than 540 million records were leaked on Amazon's public cloud servers, involving more than 22,000 Facebook users, including user account names, Facebook IDs, user passwords, activity records and other sensitive information. If this information is used by criminals, these Facebook users may suffer serious consequences such as account exploitation and credit card theft.

For us Amazon sellers, data privacy protection is of utmost importance. Not to mention the large amount of personal and company privacy information that needs to be filled in when registering an account, the amount of money received in the account alone is often tens of thousands of dollars. If it is hacked by criminals using various methods, it will inevitably cause heavy losses. However, due to the relatively weak awareness of network information security of most sellers in China , coupled with the various auxiliary software on the market, unconscious data information leakage often occurs. Just like the Amazon phishing email incident that was rampant last year, many sellers fell into the trap, resulting in a large amount of money and account losses. Just one person I know of lost tens of thousands of dollars.

Since account security is so important, besides phishing emails, what other operations can obtain our seller account information?

Next, we will talk about how to avoid risks through simple settings (non-code level) for the above methods.

There is nothing much to say about this. I emphasize it again and again. Don't click on links in unfamiliar emails . If it looks like an official email, you must carefully verify the email address. Sometimes scammers will use some very similar email addresses, such as replacing sellercontrol.amazon.com with sellercontrol.amazon.com/sellercontrol.amzon.com. If you don't look carefully, it's easy to fall for it. There is a simple trick to determine whether it is a formal email . Large companies such as Amazon will not send login links or other clear links in emails. If there are other non-login links, the prefix of the web link sent must be https instead of http, because https has one more step of certificate trustworthiness authentication than http domain names. For large companies, the annual authentication fee of several thousand is completely a drop in the bucket, but for some phishing websites that often change domain names, they may not be willing to spend money. If you accidentally click on a link, you can immediately perform a full disk check and kill, and reinstall the system if necessary. It is recommended that you develop a habit of saving important files such as account passwords, key information, etc. in safe offline devices, such as mobile hard drives/U disks, etc., which will ensure good security and recoverability.

Basically, it can be understood as the safe use of VPN . First of all, free VPN is unstable and risky, which must be kept in mind. Free VPN is only used to experience the wonderfulness of the outside world. It is best not to log in to any account. If long-term stable use is required, paid VPN must be a better choice. Compared with free VPN, paid VPN is much better in terms of security, stability and privacy. When using VPN, we need to pay attention to the following points:

1. Log records: Just like the Facebook information leak described at the beginning of the article, the principle is that the log files stored by users on the service provider's server are leaked. When choosing a VPN, under the same conditions, choose a VPN with a shorter log storage time to make your account information safer.

2. Tunneling protocols: Different tunneling protocols have great differences in speed and security. Usually, VPNs use the following three tunneling protocols:

1. PPTP, the fastest connection speed and the lowest security;

2. L2TP, the slowest connection speed and the highest security;

3. OpenVPN: The connection speed is between the two, and its security is comparable to L2TP.

You can choose a suitable tunnel protocol VPN according to your needs.

3. Fixed IP and stable connection time: If possible, it is recommended to choose a fixed IP when using a paid VPN. This will ensure that you can enjoy this line exclusively and no other visitors will log in. Stable connection time is not a problem for most paid VPNs. It is recommended to choose a service provider with the longest stable connection time.

The above mainly explains the selection tips for paid VPNs. So, when we use VPNs, how can we make the VPN connection more secure ? Here are some setting tips that can make us safer when using VPNs.

1. Manually modify DNS. Usually, your DNS is assigned by your ISP. To prevent ISP monitoring, we can manually modify the DNS value, which is not only more secure, but also can increase Internet speed. We can manually modify the DNS address through Control Panel - Network and Internet - Network and Sharing Center - Change Adapter Settings - Wireless Network Connection - Internet Protocol Version 4 (TCP/IPv4)/Internet Protocol Version 6 (TCP/IPv6) - Use the DNS server address below.

2. Disable IPv6. Similar to IPv4, but with a larger address space, IPv6 is also used to assign addresses to devices on the internet. The vast majority of the internet still uses IPv4, but sometimes IPv6 addresses are used. Some VPNs are unable to protect this address. To stop these leaks, simply disable IPv6 in the VPN app settings.

3. Turn on the kill switch. Sometimes, the VPN connection may be interrupted. When this happens, the masking of your network activity will be completely lifted and the address will become the actual address. To prevent this, we can go into the connection application settings and turn on the kill switch function. In this way, as long as the VPN connection is disconnected, the kill switch will terminate your Internet connection and avoid leaking your actual IP address.

If possible, it is recommended that you use VPS to build your own channel, set your own key information and obfuscation rules . The security and stability are better than any VPN on the market.

Upgrade to the latest firewall , use the security browser downloaded from the official website, perform full-disk deep virus scans on time, and reinstall the system regularly . This not only ensures security, but also keeps the computer running smoothly. For sellers, the firewall that comes with win10 is powerful enough, and we just need to make sure the firewall is turned on.

How to open the firewall : Control Panel - Windows Firewall - Enable or disable Windows Firewall - Enable.

Maintaining good online habits, prohibiting the browser from automatically saving account passwords, and regularly cleaning cookie information can also effectively protect the security of your account.

Our computers or mobile phones must not connect to unfamiliar WiFi . This is the most basic network security awareness. The hacking router is aimed at our habit of surfing the Internet. It deliberately sets up a WiFi without a password or with a very simple password, so that we think we have successfully surfed the Internet secretly. Little do we know that the moment we successfully connect, we have fallen into the trap of the thief. Even if you do not enter any private information, a virus may be implanted to steal the secrets in your device. For this situation, there is no particularly good way to prevent packet capture. We can only avoid this situation from the root and not connect to unfamiliar WiFi to be foolproof.

Now the domestic WiFi has basically achieved full coverage of urban areas, and 90% of people access the Internet through wireless connections. At the same time, there are endless attacks on routers. Many netizens who want to save trouble or do not know how to set up often use the default settings directly, enter the broadband account and password to connect, but they do not know that such a router is like a naked run in the eyes of those who are interested, and it is very easy to obtain your private information. Below, I will share with you some tips for router security settings.

1. Access point encryption. When selecting access encryption, select WPA2 (if available)/WPA. The default encryption method is WEP, but it has been proven to be an insecure encryption mechanism that can be cracked in a few minutes using software. Therefore, you need to select WPA2 to enhance the security of your router.

2. Turn off the DHCP server. The function of DHCP is to automatically assign IP addresses to computers in the LAN, thus eliminating the need for users to manually set IP addresses, subnet masks, and other required TCP/IP parameters. However, since the DHCP function is turned on, any computer within the signal coverage range can obtain an IP address and illegally connect to the user's wireless network, which brings security risks to the wireless network. Therefore, disabling the DHCP function is also a relatively effective security protection measure.

3. Disable SSID broadcast. Simply speaking, SSID is the name you give to your wireless network. Since the SSIDs of products from the same manufacturer are the same when they leave the factory, this gives some criminals an opportunity to connect to the wireless network through the initial string, so that your wireless network is illegally invaded and the security factor is greatly reduced. Therefore, it is still necessary to turn off the SSID broadcast function. In addition, turning off SSID broadcast will not affect the use, but your SSID will not be displayed in the search signal menu of others. Since it cannot be found in the signal search menu, it can effectively prevent illegal users from invading.

4. Enable IP address and IPMAC address filtering. After the wireless router's IP address filtering function is enabled, only users whose IP addresses are in the list can access the wireless network normally, and others who are not in the list cannot connect to the network. But one thing to note is that in the "Filtering Rules", you must select the "Only allow MAC addresses that have been set and are in effect in the MAC address list to access the wireless network" option, otherwise the wireless router will prevent all users from connecting to the network. In addition, if the DHCP function is disabled in the wireless LAN, then you can set a fixed IP address for each computer using the wireless service, and then enter these IP addresses in the IP address allow list. This can effectively protect the security of the wireless network.

5. Disable remote login. The original router worm used this method to brute-force router passwords. Most default usernames are set to Admin, and once the username is known, it is not difficult for the virus/worm to crack the password. Routers usually have this feature disabled by default. When you first set up your router, be sure to verify that this feature is disabled, and check it regularly thereafter. If you need to update the router remotely, set up access only when you need to connect.

6. Disable the wireless management function. Due to the high development of hardware manufacturing technology, high-power antenna receivers can even receive your WiFi signal from one kilometer away. So in the end, we need to change the setting that allows the router to be managed via wireless connection to "off" (which means you need to connect via a LAN cable to use the management function). This fundamentally prevents all wireless attacks on the router.

By judging and setting these tips, we can take the security level of our Amazon account information to a higher level.

For more tips on account and network information security , you can add my WeChat to communicate and make progress together.

Long press to scan the QR code to follow us

Source: Cross-border Business School

For the highlights of the past, please click the link below to review

Have you been fooled by Amazon’s weird reasons for removing products from shelves?

Some sellers have already paid tens of millions of dollars in compensation for fake orders!

Amazon launches ultimate anti-counterfeiting plan!

Click to like and share your experience▼