I originally had this over at FW OT, but someone suggested I post this over here. I guess this is Finance related now that the finance situation is in question... more like "How To Unscrew Yourself?"
SCAMMED! By:Azurik Date:January 29th, 2005.
My girlfriend is what most people would consider to be internet savvy. I got her started on the whole eBay business this past December (I feel like a karate master passing his wisdom for generations to come, haha). A couple of minutes ago, my girlfriend IMed me with the following:
Meghan: babe tomorrow will you help me with my paypal account Azurik: what about it? Meghan: i have gotten hour emails saying that i have limited access because their security team found that the social security number on it wasnt mine or something Meghan: after the first email i tried to go through the steps to fix it, but apparently it didnt work because i still got them Azurik: you didn't click on the link did you? Meghan: what, i already did Azurik: sh*t Meghan: shooot, i gave out all my info because it looked just like paypal Meghan: i did it like wed/thurs Meghan: i thought i was doing it all myself without your help Azurik: check the e-mail again Azurik: scroll over the link with your mouse Azurik: it's not a paypal.com address right? Meghan: no Meghan: f*ccccccck Azurik: what did you fill in? Meghan: i gave them everythng Azurik: like what? Meghan: social security, credit card number, pin number address (PayPal security questions, PayPal password, bank account # and routing #)
I went into her PayPal account and changed the security questions she gave to them, along with the password. I also sent the balance of her PayPal account to me to safeguard it and also as a penalty to her
She's also in the process of reissuing a new credit card # along with cancelling her bank account and debit card on Monday. It's a college account with only $50 left in it anyway, and she was going to deposit $500 more!
I went into the scam site itself and inputted a bunch of wrong data too, just to flood their database. It forwards itself to an Asian e-mail address.
To enter a coupon code in your post please enter the following info:
Coupon Code:
Coupon Offer:
Merchant:
Expires (optional):
Restrictions (optional):
saving...
Quick Summary is created and edited by users like you... Add FAQ's, Links and other Relevant Information by clicking the edit button in the lower right hand corner of this message.
EricGo said:Does she use the same name/password for other accounts ?
No, she doesn't EricGo. Here is what I have done:
Closed her bank account and credit card and they are reissuing new ones. PayPal password and security questions have been changed. She's calling the credit agencies tomorrow to place a fraud alert on the accounts and ask them to verify with her ALL new accounts being opened. I will monitor her SS # statement to see if anyone is working under her name, etc.
What I am afraid of is that somehow, I am missing something and a loophole will come back and ruin her financially.
I've been to similiar sites such as those before. The thing is, identity theft HAS NOT happened yet. Those sites are useful when it does - how to file police reports, file affadavits with the credit agencies, reporting to the FBI, etc. However, a crime hasn't been committed yet. I guess this is pre-crime prevention, sorta like that movie with Tom Cruise
SIS's comment made me think about bank accounts. Can a fraud alert be placed on Chex21 (I think that is the name of the info clearing house that the banks use).
More generally, I would think a bit more about how the information might be used to create, rather than abuse already created IDs and Services. If any vulnerabilities still exist past what you have already done, my guess would be toward that direction.
Glad I heard about fishing before I got one of those emails. They are a lot better than the typo filled Citibank ones that alerted me. That site would have fooled me too. Good luck Gene
Shows you how good they're getting. And its getting worse, with WiFi evil twins and Host File redirection - so that even typing in the right web address redirects you to them.
I recommend that you check out DragonsLore's thread in the Computer Forum. Then install Spyware Blaster, Spybot Search and Destroy, Ad Aware SE, and DragonsLore's host files.
ellory said:Shows you how good they're getting. And its getting worse, with WiFi evil twins and Host File redirection - so that even typing in the right web address redirects you to them.
I recommend that you check out DragonsLore's thread in the Computer Forum. Then install Spyware Blaster, Spybot Search and Destroy, Ad Aware SE, and DragonsLore's host files.
dawhim said:sandybutt said: My Firefox just redirects me to the real paypal site Its got built-in anti-phishing
last time I decided to quick on those fake paypal site. then, I got freak out because my FF redirected to me the real paypal site.
Yes, and its very freaky too, because it might make you think that a firefox bug has been found. There is an internet explorer bug which can allow a web site to display in incorrect URL in the web browser. So you go to www.abc.com but internet explorer will display www.xyz.com in the URL bar. The web site in that link uses that very exploit. Having Firefox redirect to the correct paypal site without any type of warning might make people think that firefox has a vulnerability too.
Or even worse, if you click on the link in firefox and it goes to the correct site, then when you later use the link in IE and it goes to a site that says paypal.com, you might think it's safe.
tehlorax said:FYI, no email can write to your HOSTS file...
I wouldn't be so confident about that statement. There have been more than enough bugs in Outlook that have allowed email messages to run arbitrary code, and that could include code which modified the hosts file.
Disclaimer: By providing links to other sites, FatWallet.com does not guarantee, approve or endorse the information or products available at these sites, nor does a link indicate any association with or endorsement by the linked site to FatWallet.com.
