It comes out of nowhere, usually. Amazon tells you that you’ve been compromised, or you have to reset your password. You realize suddenly that you cannot log in to your account. What went wrong? You may re-type a password or call Seller Support to find out if Seller Central is down, but you’re already hoping that it’s just a glitch. Are you really cut off from selling? Worse, do you have huge obstacles preventing you from seeing your account?

Here’s the thing: you need to take immediate action. Don’t leave it up to Seller Performance to decide the matter in the background while you only hear silence. If you lack account access or any clear messaging from Amazon, I recommend calling Seller Support and also emailing Seller Performance insistently to confirm they’ll send all instructions necessary to resolve the matter. They have to verify your account is “clean” and you need to push them, as needed, to confirm they executed all actions related to the compromise. Make sure your response matches the situation.

What do I do when I can’t access my account, or it’s not certain that Seller Performance sanitized it correctly?

You need to know a few terms of internal jargon. In order to get Seller Performance to take all necessary actions when they clean you up, you need to speak their language.

Tell them via emails to Seller Performance and Seller Support cases if necessary that you cannot access the account due to an “account compromise” but, if they fail to appreciate how quickly they must act to restore your access, use some keywords or to get them moving. Whether you truly lost control of the account, or they only think you did and signed you out in an abundance of caution, take action! Don’t wait for them.

1. First, if there’s clear evidence of bank account changes or you get email alerts that you’ve had changes made to the account, contact Amazon immediately and tell them you’re a “VCAC”

— it means “veteran customer account compromise.” I advise the use of internal jargon on occasions where you’re likely to get a Seller Support rep or Seller Performance investigator who has no idea what happened to you, perhaps even when they look at your account. Tell them you need all pending orders canceled since the time of the VCAC if you can pinpoint it.

2. Next, tell them you need your account sanitized, and your password reset.

If you’re dealing with Seller Performance emails, sanitized means only one thing to them.

Get the interloper out, and get you back in once the old password and possibly the fraudster email address is removed. Any bad listings are purged, any new bank account information gets wiped out, and so forth. They only tell you how to get your password reset once they finish up.

3. Make them verify that no payments have gone out in incorrect bank transfers if that damage resulted from your VCAC.

There are ways of appealing and getting your funds back if they’re already sent, as we’ve seen in many prior client cases. But hopefully, you can stop it before it happens. To resolve cases where only the bank account is changed, nothing else, try to get Seller Support to transfer you to escalate this immediately. You won’t have time to wait for email replies from Seller Performance. Get to Executive Seller Relations any way you can, as quickly as possible, if there’s no adequate response from internal teams in a timely manner.

4. Make sure the primary email associated with the account is NOT the source of the account compromise.

You may not know if you clicked a phish scam email and gave up your Seller Central password that way, but just in case…consider changing the email on your account to one that only you and Amazon insiders know. Nobody else should have access! Limit the chances that your email will float out there in the world, and get attacked or abused.

5. Make sure that any “bad orders” are taken care of.

Make sure Amazon finds and cancels them all when an account is compromised, make sure that none get through for products you never listed or sold. Also, check to be sure that no good orders are canceled. That may blow up your cancellation rates, which in itself could lead straight to a performance-based suspension. You’ll want Seller Performance and Seller Support to confirm for you that your account gets annotated, so future investigators will know that having a VCAC led to the poor metrics.

They Suspended me for Chronic bad Account Security: What Goes Into the POA?

Focus on real root causes that will explain the account compromise(s) to investigators. Did you click a link in an email that looked like it was from Amazon? Don’t tell them that in the hopes that you’ll gain their sympathies, because Amazon believes every seller should know not to click stray links in emails that may or may not be from Amazon. Remember, if you are compromised three times, Amazon blocks you. Prevent them at all costs if you have two in your past.

• Show Amazon you understand account security. You identified how it happened (more than once, if it’s multiple times) and you’ve learned from those mistakes. They need to be able to trust you with a seller account!
• You’ve tasked an expert familiar with account security to teach you prevention methods.
• You’ve changed the email associated with the account, and will only use it for emails from Amazon. It won’t be visible via customer service emails or anywhere else, so nobody out there looking to take you down will try to send you links to get the account away from you.
• Tell them you have now installed special alerts to contact management prior to any changes on the Amazon account. This will ensure no unauthorized access goes unnoticed
• Indicate that you have tested our alerts to verify that they are working properly and viewed immediately, by management, once they come in. Action will be taken if anything is amiss.
• Emphasize that you’ve understood how to maintain properly sign in security. You’ve used Two-Step Verification in Advanced Security Settings without hiccups.
• Don’t go straight to hiring an attorney to help you get your account back. For some reason, this became a trendy choice, but it makes no sense at all. Unless of course, you find a lawyer who understands how Seller Performance processes account compromises and escalations related to account suspensions for this, if that happens please indicate it to me. Thus far, I’ve only read and reread bafflingly nonsensical appeals around how VCACs happen, and what sellers need to do to prevent them.
• To get funds back that never should have gone overseas, escalate within Seller Performance or to the jeff@amazon.com email if an absolute necessity. Otherwise, the best way to retrieve funds is for an attorney to draft a letter stating that Amazon failed to nab your account grabbers in time before they had changed key financial info on your account for the next disbursement. Amazon wants to take care of sellers wronged by these gaps in their SOPs, tools, or even their investigative teams. They will not want hundreds or thousands of sellers complaining publicly about funds loss simply because a bank switch to Bulgaria evaded a security flag by their current protocols.

Amazon does take account security seriously, both in terms of their ability to catch compromises and your ability as a seller to avoid mistakes that lead to bad orders, fake listings, and awful buyer experiences. Understand how to speak their language if this happens to you, and know how to convince them that you’ve corrected past gaps in your own processes. They’ll want to feel confident that they won’t have to look at your account again, a few days or even weeks later, for the same exact problem. If the nightmare of regular account sanitizations and reset passwords continues unabated, they will shut you down for good. You don’t want to lose your account permanently due to avoidable situations where you could have better-protected email and account access. Amazon keeps enough other reasons to remove sellers at the ready to leave yourself open to this business-crippling vulnerability.