G oog le BadWeB | Login/out | Topics | Search | Custodians | Register | Edit Profile


Buell Motorcycle Forum » Quick Board Archives » Archive through December 03, 2007 » I got Hacked! « Previous Next »

Author Message
Top of pagePrevious messageNext messageBottom of page Link to this message

Wardan123
Posted on Thursday, November 29, 2007 - 11:02 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

It happened. Somehow - someone got into my ebay account and "won" a bunch of stuff in Australia. $7000 dollars worth of stuff.
Ebay has had me change my username and password but is that enough?

I know I'm not responsible for the purchases and they are being notified as such- but it is scary just the same.

The ebay tech alluded to the fact that I may have been a victim of phishing but I have not shared my info with anyone.

Any advice that you may have for securing my ebay account and/or others would be appreciated.

I really cannot believe it.
Top of pagePrevious messageNext messageBottom of page Link to this message

Thumper74
Posted on Thursday, November 29, 2007 - 11:07 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

I get e-mails from website mirrors all of the time. It's also possible that you have some bad program on your computer redirecting you to phony Ebay sites that yank your password and redirect you back to Ebay... Neat technology but I don't understand what the point is...
Top of pagePrevious messageNext messageBottom of page Link to this message

Sanchez
Posted on Thursday, November 29, 2007 - 11:20 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

There are several possibilities for how they got your password. In order of increasing scariness:

1. Your password was easily guessed (e.g. "password")
2. You got phished
3. You have a trojan horse on your pc logging everything you type
Top of pagePrevious messageNext messageBottom of page Link to this message

Reepicheep
Posted on Thursday, November 29, 2007 - 12:02 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

Sanchez nailed it.

Do you let your browser save your passwords? That would be a minor variation on Sanchez's #3.

You sure you were talking to eBay? Did you call them, or was it an email transaction?
Top of pagePrevious messageNext messageBottom of page Link to this message

Pwnzor
Posted on Thursday, November 29, 2007 - 12:16 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

ebay, yahoo, paypal...

These organizations will never contact you for any pertinent information by email.

They will never ask you to "verify" your information.

If there is something so important that they need you to do something, they'll contact you the old fashioned way, by phone or snail mail.
Top of pagePrevious messageNext messageBottom of page Link to this message

Tq_freak
Posted on Thursday, November 29, 2007 - 12:55 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

I got this from paypal a few days ago.


Protect Your Account Info
Make sure you never provide your password to fraudulent websites.

PayPal will never ask you to enter your password in an email.

For more information on protecting yourself from fraud, please review our Security Tips at https://www.paypal.com/us/securitytips

Protect Your Password
You should never give your PayPal password to anyone, including PayPal employees.

Update Your Information

-------------------------------------------------- ------------------------------

It has came to our attention that your PayPal billing information are out of date. This require you to update your billing information as soon as possible.
This billing update is also a new PayPal security statement which goes according to the established norms on our terms of service (TOS) to reduce the instance of fraud on our website.

Please update your records . A failure to update your records may result on a suspension of your account.

To update your PayPal records click on the following link:
http://www.paypal.com/update

This new security statement will helps us continue to offer PayPal as a secure and cost-effective payment service. We appreciate your cooperation and assistance.

Sincerely,
The PayPal Team
-------------------------------------------------- ------------------------------
Please do not reply to this email. This mailbox is not monitored and you will not receive a response. For assistance, log in to your PayPal account and choose the Help link located in the top right corner of any PayPal page.

PayPal Email ID PP295


the thing that I noticed was if was sent from SERVICE@PayPal.c0m with a zero in the .com and not an O. I forwarded it to Paypal but havnt heard anything back yet.
Top of pagePrevious messageNext messageBottom of page Link to this message

Wardan123
Posted on Thursday, November 29, 2007 - 12:57 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

I couldn't log in so I contacted their help desk.

I very well could have a trojan horse but how do I look for and eliminate one?

I currently run a spyware scan and Mcafee Security center- what else should I do?
Top of pagePrevious messageNext messageBottom of page Link to this message

Reepicheep
Posted on Thursday, November 29, 2007 - 01:39 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

Never click links in email... Type where you want to go in your browser, and start at the "trusted root" of the site... like www.paypal.com. Navigate from there. Its really easy to make a link look like it goes one place, but really goes to another place. If you are using Google Mail, they will filter a lot of this stuff out, and alert you to other non filtered "suspicious" stuff.

If your box has a trojan (called "rooted" in the old days), you can play a cat and mouse game hunting it, but you will never know if you won or not. And you probably won't have. Whoever controls the box has the high ground, and if you are rooted you already lost it.

Your safest bet is to rebuild the box from scratch, armor it up with anti-virus software (I like AVG from www.grisoft.com) *first*, get all the latest patches installed, and *then* carefully start restoring your data back over.

I have never had much luck with anti-spyware software (in an audit / intercept mode). It is handy for minor spyware infestation cleanups after the fact. I like lavasoft's addaware. I run the microsoft defender tool, because it's free, but it's never done anything to help me.

www.k9webprotection.com is a fantastic product that serves a few important roles. It is a "web filtering" service.

First, it protects my kids from getting slimed by inappropriate content. It's an actively managed whitelist with configurable filtering levels.

Secondly, it keeps me from being slimed. If I want to go to an iffy site, I have to put in the over-ride password. So I will only go when and if I choose to go, not when somebody else tries to make me go.

Thirdly, and this never even occurred to me that it was a benefit, but it has turned out to be a huge plus, is that all the malware sites (trojans and spyware) are in "bad neighborhoods". And as such, they are blocked by K9. This has stopped hundreds of driveby spyware install attempts on my systems (as evidenced by the logs). They would probably not have been successful, as I have a lot of other protections in place, but the only way to secure a computer is defense in depth.
Top of pagePrevious messageNext messageBottom of page Link to this message

Cityxslicker
Posted on Thursday, November 29, 2007 - 01:42 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

it could be all the russian porn that you have down loaded. ;P
Top of pagePrevious messageNext messageBottom of page Link to this message

Wardan123
Posted on Thursday, November 29, 2007 - 02:35 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

Thanks Reepicheep- I will check that K9 out.

Cityxslicker
Is there one nations porn that is better/safer than others? I will be staying away from the russian porn from now on.

Thanks in advance.

(Message edited by wardan123 on November 29, 2007)
Top of pagePrevious messageNext messageBottom of page Link to this message

Lions
Posted on Thursday, November 29, 2007 - 04:55 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

Get Mac...
Top of pagePrevious messageNext messageBottom of page Link to this message

Josh_
Posted on Thursday, November 29, 2007 - 05:44 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

and a mac will do what vs a hacked site, easy passwords or phisher emails?
Top of pagePrevious messageNext messageBottom of page Link to this message

Cityxslicker
Posted on Thursday, November 29, 2007 - 06:42 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

The Russians, Romanians, and Hungarians have hacker schools and have admittedly trained their students to embed mal code in porn. Its a "Pornado" that you dont want to submit your computer too, Mac either. DAMHIK
Top of pagePrevious messageNext messageBottom of page Link to this message

Reepicheep
Posted on Thursday, November 29, 2007 - 07:26 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

Mac is a harder target, but the main reason macs are malware free is that there still 10 PC's to ever mac... so attackers don't bother as often.

That being said, windows is still a security mess, and probably always will be, and the Mac is built on a secure foundation (BSD), and always will be, so the current functional reality is that macs are far less susceptible to attacks. And it will probably stay that way for a long time.

Don't think because you are on a mac you can be stupid though... you are safer, not safe.
Top of pagePrevious messageNext messageBottom of page Link to this message

Aeholton
Posted on Thursday, November 29, 2007 - 07:55 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

Order one of those $5.00 security keys from PayPal. Generates a different 6 digit number that you add to the end of your password every time you log in. Can be used with PayPal and eBay. Only drawback is you won't be able to use any sniper sites to win auctions anymore.
Top of pagePrevious messageNext messageBottom of page Link to this message

Reepicheep
Posted on Thursday, November 29, 2007 - 08:44 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

Already got one. Cool little devices. I protect my paypal account with it, but not my ebay account.

Those are verisign tokens, and they have an awesome model for federation... In theory, I can buy that one token from paypal, but use it for paypal, my bank, my top notch legal research site ( ;) ) and anything else I want. Just that one token.

It's built by vasco, and uses a Verisign web service called VIP to validate the numbers.

It a cool distribution of trust as well. Verisign can validate that token with serial number X did or did not display value Y. Thats all they know about the deal. They never get my Paypal ID or Password.

Paypal gets my ID and Password, but only gets the one single use password I give them and my serial number off the back of the token. They can always validate that a number I give them is real, but only Verisign knows the secret cryptographic key buried in the tokens. So say a shady person was working for Paypal... they can't look up my token serial number then use it to get into my retirement account... they don't know what the token shows.

Somebody from Verisign cant crack my Paypal account, because while they can get my token value, they don't know what serial number I have, and they don't know my ID and password.

So it actually works to have one token safely used with a variety of trusted and untrusted sites. That way I am not carrying around a shopping bag of tokens (I have three with me right now).

It all falls apart with the lawyers. How do you convince them that you should allow tokens you supply to be used with other companies? How do you convince them to let other company tokens to be used with your service? They will mumble and mutter but never give approval, and it takes a pretty brave executive to lead the charge and do the right thing, especially if they don't have lawyers willing to back them.

I hope it works, but it looks grim so far. Now... which token did I use for badweb.... The red one? The black one? : )
Top of pagePrevious messageNext messageBottom of page Link to this message

Chrisb
Posted on Thursday, November 29, 2007 - 09:15 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

If you ever get a email from paypal or ebay forward it to spoof@paypal.com or spoof@ebay.com

I forward any email I'm not expecting from them. You'll get a response in 30 min. Almost always they tell you "its a fake and Thank you for helping us stop this"
Top of pagePrevious messageNext messageBottom of page Link to this message

Pwnzor
Posted on Friday, November 30, 2007 - 10:04 am:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

macs are malware free

False statement.

The reason it may seem like they are "malware free" is that Mac has about 5% of the market when it comes to personal computers, so you just don't hear about it. Same reason you don't hear about Linux/Unix malware.

Think about it, if you're teenager in Denmark writing malware, you want to achieve the greatest effect possible. Therefore, you would write your malware to attack the big three : Windows, Internet Explorer, and Outlook.

All computers are susceptible, right down to and including even all but the simplest cell phones.
Top of pagePrevious messageNext messageBottom of page Link to this message

Pmpski_1
Posted on Sunday, December 02, 2007 - 02:33 pm:   Edit Post Delete Post View Post/Check IP Print Post    Move Post (Custodian/Admin Only)

I had my ebay account hacked once. The support tech told me the same story - you probably were the victim of a phishing scam. I know that I wasn't - anytime I get something from a site that says I need to do something I'll go directly to the site itself instead of clicking on links. I'm very familiar with phishing.

Anyway, that was the only time it happened to me. I think there's a lot going on behind the scenes at Ebay, we just don't get to see it. It's easy to blame it on phishing, make you get a new account and password, and continue with business.
« Previous Next »

Add Your Message Here
Post:
Bold text Italics Underline Create a hyperlink Insert a clipart image

Username: Posting Information:
This is a private posting area. Only registered users and custodians may post messages here.
Password:
Options: Post as "Anonymous" (Valid reason required. Abusers will be exposed. If unsure, ask.)
Enable HTML code in message
Automatically activate URLs in message
Action:

Topics | Last Day | Tree View | Search | User List | Help/Instructions | Rules | Program Credits Administration