My mom recently fell victim to a phishing scam through AOL, where she unknowingly entered her password after receiving a fake e-vite from a friend. As soon as I found out about it, I changed her password, but I noticed there's still a suspicious login from another state that hasn't logged out yet. Unfortunately, it looks like $180 in Amazon gift cards from her inbox have already been redeemed. I'm wondering if there's any way to track this person down while they're still logged in, or if Amazon can help in locating who redeemed those cards. Any advice would be appreciated, though I understand it might be a long shot.
2 Answers
You might want to lock down the account with multi-factor authentication (MFA) and then just focus on securing it. It’s a bummer that this happened, though!
Honestly, the best course of action is to just log them out and move on. It’s frustrating, but trying to track them down might not yield any results.
I’ve set up MFA already, but it’s wild because she had it enabled during the phishing attempt. It’s just so easy to slip up sometimes. Thanks for the advice!