By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Account Hacked and now I can't get AWS Billing to remove the costs from account so I can close it for good.

0

I opened a free tier account with Amazon to learn about AWS for a job I was working for, I never used it at all after it was opened and never touched again since when I left my job I no longer need to learn AWS.

Fast forward to March of 2022 which I got and email from AWS that my personal account might have been compromised and to please contact support through the control panel. I went through all the directions of the support personnel ONLINE thru WEBCHAT ONLY, they directed me to enter my credit card just so the account was fully active and they would only charge $1 to make sure the card works. I entered the card and proceeded to follow directions how to remove all of the information that the HACKERS had left behind and what was causing all of the billing for my account that was compromised of $18,XXX.XX. Then in April my AMEX card was automatically billed $2,4XX.XX and the support person said of sorry it was automatically billed (I argued that you lied and told me there would only be $1 charged but they had no answer for me now I called AMEX and placed a dispute on that bill!). So finally I clean up all of the hackers remains and they stated that sales/security has to review the request that these were fraudulent charges, I stated of course they were, you alerted me that someone compromised my account!

Now they want me to send them $18,XXX.XX and they stated it will be credited back to me either if I used my credit card or WIRE TRANSFER. They would credit my account and send the money back??????

I said no I don't have those funds and I didn't create those bills, now they come back and state they made a decision and it stands I owe the money! Do I need a lawyer for this?

I also believe this 1st email may not be real from AWS since they don't provide phone numbers ever!

Dear Amazon Web Services, Inc. Customer,

Despite several attempts to charge the default payment method on your AWS account, you still have past due balances that requires your immediate attention to prevent account suspension. See below for details: Amazon Web Services Account Number: 4440XXXXXXXX Open Invoices: Total Due ( USD ) 15,XXX.XX Total Past Due ( USD ) 15,XXX.XX

Invoice Number Currency Open Amount Invoice Amount Invoice Date Due Date Age Status 1010XXXXXX USD 15,XXX.XX 15,XXX.XX 03-Apr-2022 03-Apr-2022 46

We are here to help you address these past balances via any of the options below. If we are unable to resolve these balances within the next 3 business days your account may be suspended and you will no longer be able to access your AWS Management Console, manage existing resources, or buy any new resources. If you do not pay all past due charges and reactivate your account within 90 days of suspension, your account will be terminated and all resources on the account will be lost.

Options to resolve your past due balance:

  1. Reply to this email. Our Accounts Receivable analysts are here to help resolve any billing or payment issues.
  2. Login to your Billing and Cost Management Console. Under Billing, click on Orders and Invoices, then select the Verify and Pay option. This option enables you to manually pay via a registered bank account or credit card.
  3. Pay via ACH/Wire and include the invoice numbers with your payment. This will ensure that we allocate your payment to the right invoice. . Include the invoice number as part of the wire instructions, a. Include the invoice number on your check, or b. Email us and let us know to which invoices we should apply payment. Use the following payment instructions:

To send an Electronic Funds Transfer for USD payments: To send a check for USD payments:

Amazon Web Services, Inc. Bank: Wells Fargo Bank Address: 420 Montgomery Street, San Francisco, CA, 94163, USA Account #: 41213XXXXX ABA Routing Number: 1210XXXXX Wire Routing Number: 1210XXXXX Swift Code: WFBIUS6SXXX Amazon Web Services, Inc. PO BOX 84023 Seattle, WA 98124-8423

Please also note that you can find a complete breakdown of these charges and view the printable PDF copies of your invoices by logging into the AWS Billing and Cost Management Console.

Kind Regards, Patrick Capillas
Amazon Web Services, Inc.
Accounts Receivable Toll Free Number - 1877-252-0770 aws-receivables-support@email.amazon.com aws.amazon.com

*Edit: Removed banking information. — Kita B.

  • lGN-User-2626
    2 years ago

    Hello there,

    Thank you very much for your reply. We tried to contact you at the phone number registered on the account. (PHONE RANG ONCE AND THEY HUNG UP!)

    Please note that we’ve reviewed your request to reassess your billing adjustment request. On 6/6/2022, we informed you that we can’t adjust the complete amount of your bill for the charges accrued during March, April, and May. Our billing adjustment team decided to stay with their original decision. This decision is final.

    We won't be able to take further action on this matter or offer additional insight. This will be our final correspondence and we'll consider this case closed.

    All of the details in your use case have been considered carefully and in line with our Service Agreement:

    https://aws.amazon.com/agreement

    We regret that we've not addressed your concerns to your satisfaction.

    Best regards, Rouse C Amazon Web Services

Topics
Cloud Financial ManagementMachine Learning & AI
Tags
AWS Cost and Usage ReportAmazon Fraud DetectorAWS Billing
Language
English
lGN-User-2626
asked 2 years ago3533 views
1 Answer
1

Please do take it seriously adding MFA to your root account.

And just to ensure this is clear to everyone, in the Service Agreement:

" 4. Your Responsibilities.

4.1 Your Accounts. Except to the extent caused by our breach of this Agreement, (a) you are responsible for all activities that occur under your account, regardless of whether the activities are authorized by you or undertaken by you, your employees or a third party (including your contractors, agents or End Users), and (b) we and our affiliates are not responsible for unauthorized access to your account."
Jason_S
answered 2 years ago
  • lGN-User-2626
    2 years ago

    I added MFA too but that email seems odd to me too since AWS never gives out phone numbers and the number is not even listed on Amazon's site!

    They agreed to give me a one-time exception BUT I would need to send them 18K first (then they would credit me back, which I can't even afford to do!), I don't have 18K in bank OR use of credit so I will need to get lawyer I am guess to settle this somehow. It is truly unfair for the smaller guy who this is happening to, there are 100's of these same stories out there and I mean 100s. Why is it that a credit card or bank will waive the fraudulent charges but AWS will not???

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content