• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Self-Publishing
  • Author Blogging
  • Sitemap
  • Fonts/Typography

The Book Designer

Practical advice to help build better books

by selfpublishing.com

COACHING


PUBLISHING


WRITING


PRODUCTION


FREELANCE


WRITING JOBS

  • Home
  • About
  • Articles
  • Contact
  • Shop
You are here: Home / Self-Publishing / Hackers Are Targeting Createspace Author Accounts

Hackers Are Targeting Createspace Author Accounts

by Nate Hoffelder on November 12, 2018 19 Comments

Table of Contents

  • Reports of Hacking
  • Take Action

By Nate Hoffelder

We’ve been contacted by a couple of our readers who have, unfortunately, had their Createspace accounts hacked, and we felt this was something you all needed to be aware of. We are pleased to provide this guest post by Nate Hoffelder on the topic. If you have a Createspace account, you will definitely want to read this.


Authors who have an account on Createspace should go change their passwords immediately — and while they’re at it, they should also double check their payment details.

Reports of Hacking

This story has for the most part been ignored by the press, but starting some time in March or April 2018, hackers began to target author accounts on Createspace.

I have read multiple independent reports in several closed Facebook groups, Reddit, and on Kbaords dated in April, June, July, August, and as late as the first week of November from authors who say that someone hacked their CS account.

Many of the reports sound like this:

I woke up this morning to read this email:

“This is an automated message confirming that royalty payment information has been updated in your CreateSpace account. If you did not make any changes to this information, please use the Contact Support feature in your account to reach our Customer Service team.”

I thought it was a random email that was a mistake. But it wasn’t. I called Createspace and indeed, someone had hijacked my account and deleted my payment information and substituted their Name and direct deposit information. I am due to get paid in about a week, so I am thankful they did not receive any of my payments before I caught it.

I’ve had to change my email, password and update payment info again.

It is not clear at this time how the hackers are gaining access. At least one author said they used a complex and unique password on their Createspace account, and yet they were still hacked. All we know right now is that Createspace accounts are still getting hacked, and for that reason I strongly urge that authors change their password on their Createspace account double check their payment details.

While it is true that Createspace automatically sends out emails when payment details are changed, you do not want to take the chance that the email they sent you got lost.

Take Action

Go change your password today, and make sure it is both long enough that it’s hard to guess and simple enough that it is easy to remember. XKCD has comic that explains why.

Amazon was contacted before this post was published, but did not respond.

WordPressNate Hoffelder has been building and running WordPress sites since 2010. He blogs about indie publishing and helps authors connect with readers by customizing websites to suit each author’s voice. You may have heard of his site, The Digital Reader, mentioned on podcasts such as The Creative Penn, Wordslinger, or Sell More Books Show. In his spare time, he fosters dogs for A Forever Home, a local rescue group.
 
Photo: BigStockPhoto

Filed Under: Self-Publishing, Guest Posts Tagged With: CreateSpace, Nate Hoffelder

journal marketing

Reader Interactions

Comments

  1. Rashel Ahmed says

    November 14, 2018 at 7:38 pm

    OMG. What a news… It’s really surprising news. Thank you so much.

    Reply
  2. David Mignery says

    November 13, 2018 at 2:44 pm

    Book pirates have hijacked PDF files of my books (and many others) and are selling them on line. In my case, the only way they could have gotten these files is from Createspace or KDP.
    Neither of them seem very concerned.

    Reply
    • Nate says

      November 13, 2018 at 8:07 pm

      Are you sure they actually have the file?

      The reason I ask is that most of the time those sites claim to have a PDf but are actually running a phishing scam on their “customers”. The sites are using the appearance of having your ebook as bait so they can get someone’s credit card, which can then be sold online.

      Reply
  3. Jill Engledow says

    November 13, 2018 at 1:02 pm

    I have a different problem: I found my book cover and back-cover copy on a website I’d never heard of, for sale about $1.50 more than the CreateSpace price. How did it get there? The site (jet.com) says they “trust” their sellers and protect them, so won’t give me contact info for the seller and don’t see to care that this is unethical. I confess, I make so little on that book that I haven’t pushed hard enough to get to the bottom of it, but I think I’ll contact CreateSpace now.

    Reply
  4. Amber Polo says

    November 13, 2018 at 8:17 am

    I’m confused. I thought all the payments are now being made through KDP since print books are moved from Create Space.

    Reply
    • Bill Peschel says

      November 13, 2018 at 9:20 am

      When I checked my account on CreateSpace, it still had $1.30 in it. I can only hope they’ll pay me later this month.

      I think that there’s also people with books still in CreateSpace that haven’t moved them over yet.

      Reply
    • Nate says

      November 13, 2018 at 12:03 pm

      This surprised me too, Amber. But I guess Amazon still hasn’t moved everyone over to KDP print, and accounts are still being hacked.

      Reply
  5. Annabelle Franklin says

    November 13, 2018 at 7:00 am

    Wow! Thanks for this heads-up.

    Reply
    • Nate says

      November 13, 2018 at 11:54 am

      Welcome!

      Reply
  6. Bill Peschel says

    November 12, 2018 at 5:06 pm

    It didn’t occur to me until I went over there to change the information, but here’s what you can also do while you’re at CreateSpace:

    Remove your credit card information. If you’re books are not there, you won’t be ordering any more books, so why leave the information there? Deleting it is easy.
    I went online to a strong random password generator and found a 16-letter combination.
    I double-checked the banking information, as you recommended.
    Best of all, I downloaded all the reports of payments and sales. I don’t know if I’ll need them, but it did tell me how many of each book they sold and how much I was paid for them. Once they take the site online, it’s gone!

    Reply
    • Nate says

      November 13, 2018 at 11:55 am

      Great advice, Bill!

      Reply
  7. Michael W. Perry says

    November 12, 2018 at 10:41 am

    Quote: It is not clear at this time how the hackers are gaining access. At least one author said they used a complex and unique password on their Createspace account, and yet they were still hacked.

    That is disturbing. Mostly likely, there’s a Createspace insider leaking these passwords or Createspace staff are so ill-trained they fall for social engineering hacks.

    “Social engineering is the art of getting people to give you the information you are seeking, rather than breaking into a system to get it. Among the most sought after bits of information is the username and password.”

    https://null-byte.wonderhowto.com/how-to/hack-like-pro-ultimate-social-engineering-hack-0150355/

    As that article suggests, it is also possible that the person mentioned used that difficult password at multiple sites. That’s why it is a good idea to use apps that make it easier to have a separate password for every website you use.

    Reply

Trackbacks

  1. Never Able to Catch Gail Carriger at Events? Check out this video of her Panel on the Paarasolverse at Teslacon! - Gail Carriger - Gail Carriger says:
    December 17, 2018 at 7:52 am

    […] Hackers Are Targeting Createspace Author Accounts […]

    Reply
  2. Episode 242 – KDP Reports, Pay to Play, and Help From Your Friends | Sell More Books Show says:
    November 21, 2018 at 3:03 am

    […] News #5: What a Hack News #4: Many Happy Returns News #3: Report Reboot (1) News #3: Report Reboot (2) News #2: Come Ready to Pay (1) News #2: Come Ready to Pay (2) News #2: Come Ready to Pay (3) News #1: With a Little Help From Her Friends […]

    Reply
  3. Publicity Tips--Why I Love Email Interviews | The Publicity Hound's Tips of the Week says:
    November 19, 2018 at 9:57 am

    […] do: Read his short article “Hackers Are Targeting Createspace Author Accounts.” Then change your password and check your payment […]

    Reply
  4. Nieuws uit de uitgeefwereld: 11 nov. t/m 17 nov. 2018 | Maria Staal says:
    November 18, 2018 at 12:26 am

    […] van The Book Designer, schreef na aanleiding van berichten van gebruikers een artikel over het hacken van Createspace accounts. Het lijkt erop dat een hacker probeert de royalty’s van Createspace accounts over te laten maken […]

    Reply
  5. Top Picks Thursday! For Writers & Readers 11-15-2018 | The Author Chronicles says:
    November 15, 2018 at 10:42 am

    […] If you have a CreateSpace account, beware. Nate Hoffelder tells us hackers are targeting CreateSpace author accounts to siphon off royalty payments. […]

    Reply
  6. Morning Coffee – 14 November 2018 - came939棋牌官方 says:
    November 15, 2018 at 12:14 am

    […] Hackers are still targeting author accounts on Createspace. […]

    Reply
  7. Hackers Are Targeting Createspace Author Accounts – Written By Nate Hoffelder On The Book Designer Blog – Writer's Treasure Chest says:
    November 12, 2018 at 4:53 pm

    […] https://www.thebookdesigner.com/2018/11/hackers-are-targeting-createspace-author-accounts/ […]

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

Get the Advanced Publishing Kit

Topics

  • Audiobooks
  • Author Blogging 101
  • Book Construction Blueprint
  • Book Design
  • Book Printing
  • Book Production
  • Book Reviews
  • Cameras
  • Contributing Writers
  • Cover Design
  • E-Books & Readers
  • Editorial
  • Guest Posts
  • Interior Design
  • Interviews
  • Journey of a Book
  • Legal Issues
  • Marketing
  • Podcasts
  • Project Focus
  • Reports
  • Reviews
  • Samples
  • Self Publishing Basics
  • Self-Publishing
  • Social Media
  • Training
  • Video
  • Webinars
  • Writing
Self Publishing Platform
Self Publishing School

COACHING

Self Publishing

PUBLISHING

The Write Life

WRITING

The Book Designer

PRODUCTION

Make a Living Writing

FREELANCE

Freelance Writers Den

WRITING JOBS

Footer

  • Home
  • About
  • Articles
  • Contact
  • Shop
  • Self-Publishing
  • Author Blogging
  • Sitemap
  • Fonts/Typography
Terms of Service
Privacy Policy
Comment Policy
Guest Author Guidelines
Why?
"Writers change the world one reader at a time. But you can't change the world with a book that's still on your hard drive or in a box under your bed. This blog exists to help you get that book into people's hands."
—Joel Friedlander

Copyright Self Publishing School All Rights Reserved. © 2022