The W
Views: 98489302
Main | FAQ | Search: Y! / G | Calendar | Color chart | Log in for more!
28.8.14 0822
The W - Internet & Computers - Computer Security Question
This thread has 2 referrals leading to it
Register and log in to post!
Thread rated: 7.39
Pages: 1
(578 newer) Next thread | Previous thread
User
Post (9 total)
Roy.
Pepperoni








Since: 25.2.04
From: Keystone State

Since last post: 2301 days
Last activity: 771 days
#1 Posted on | Instant Rating: 4.84
My father's Ebay account was taken over. We couldn't log on to his account until I reset the password, and there were 5 things listed that he didn't list. Obviously, somebody got ahold of his password. If it weren't for some very nice man in Ontario, Canada, (who wondered why Pennsylvanians who primarly sell football cards were selling computers and asking for payment in British Pounds) we'd be in a little bit of trouble. Thankfully, I know all of dad's personal and financial info, and EBay took care of everything. My father's out of town for several days, so this Canadian guy saved our ass.

How did they get his username/password? He swears that he didn't give the info to anyone, and I checked his email for phishing email scams and the like. I tend to believe him, because he got scammed out of his AOL password about 10 years ago, and never forgot that little lesson.

We use AVG Anti-Virus (scan quite often, always updated), have a software firewall (the built in Windows XP one), and a hardware firewall (our router says it has one built in).

SO, if he didn't stupidly go to some fake website and give his information (there's a possibility that he did and doesn't remember), is there something I should be looking for on the home computer? Like I said, the Virus scanner is always updated, as is the spyware thing, too.
Promote this thread!
JALman
Boerewors








Since: 7.7.02
From: Almost there

Since last post: 27 days
Last activity: 11 hours
#2 Posted on | Instant Rating: 6.45
I'm reaching, but:

How complex was his password? Have you checked for keyloggers?
cranlsn
Liverwurst








Since: 18.3.02
From: Sussex, WI

Since last post: 121 days
Last activity: 7 min.
#3 Posted on | Instant Rating: 6.72

    Originally posted by JALman
    I'm reaching, but:

    How complex was his password? Have you checked for keyloggers?


This is kind of what I was going for...is his eBay username similar to an e-mail username that might not have as good of security on it's passwords.

Or is his username something that might be tied to an easily decipherable "personal" password.

Barring that...keyloggers is the only other thing that I'm thinking of..or if his e-mail username is similar to his eBay username...how "difficult" was his password reminder question?

I've had friends who had that defeated (not on eBay) because they chose "hometown" which was traceable to their ISP domain.

Just a thought...
Eddie Famous
Andouille








Since: 11.12.01
From: Catlin IL

Since last post: 278 days
Last activity: 272 days
#4 Posted on | Instant Rating: 5.94

I've been getting more spoof e-mails than ever, some for services I don't even subscribe to.



As of 2/28/05: 101 pounds since December 7, 2004
OFFICIAL THREE-MONTH COUNT: 112 pounds on March 9, 2005
OFFICIAL SIX-MONTH COUNT: 142 pounds on June 8, 2005
OFFICIAL ONE YEAR COUNT: 187 pounds on December 7, 2005
As of February 2, 2006: 197 pounds "I've lost a cruiserweight"
Roy.
Pepperoni








Since: 25.2.04
From: Keystone State

Since last post: 2301 days
Last activity: 771 days
#5 Posted on | Instant Rating: 4.84
His password was just a random word and some numbers. It wasn't horribly complex, but it wasn't his birthday or username or anything.

That said, I found out that he's used the same username and password combination on at least one message board connected to his business, so maybe there's something there. Could somebody theoretically gain access to that information?

I can't see anything processes running in the background on the task manager that looks suspicious. I've gone over all the processes one by one. Is there any other way to figure out if he's got a keylogger?
Guru Zim
SQL Dejection
Administrator








Since: 9.12.01
From: Bay City, OR

Since last post: 19 days
Last activity: 2 days
AIM:  
#6 Posted on | Instant Rating: 8.81
You are probably looking for a more step by step answer than this, but this is the best I can offer right now. Read this site, download Rootkit revealer, and check through their forums after you get your results.

http://www.sysinternals.com/Utilities/RootkitRevealer.html





Ignorance is bliss for you, hell for me.
Guru Zim
SQL Dejection
Administrator








Since: 9.12.01
From: Bay City, OR

Since last post: 19 days
Last activity: 2 days
AIM:  
#7 Posted on | Instant Rating: 8.81
As for the password, it is possible that it was gotten from the forum. As you know, we have your username and password here in a database for your account here. If the site owner was abusive of that knowledge, it could be a problem.

I always recommend having an "insecure" password that is used for forums and other non-critical third parties on the web, and a secure password that I only use for banks, taxes, insurance, etc.

You should probably use a different password everywhere, but I can't remember that many passwords. I have problems remembering all of my accounts!



Ignorance is bliss for you, hell for me.
JayJayDean
Scrapple








Since: 2.1.02
From: Seattle, WA

Since last post: 14 days
Last activity: 22 hours
AIM:  
Y!:
#8 Posted on | Instant Rating: 6.25
    Originally posted by Eddie Famous
    I've been getting more spoof e-mails than ever, some for services I don't even subscribe to.


I thought of this as well. I get a couple of very official LOOKING e-mails about "my eBay account" with an eBay logo and everything. Are you sure he didn't reply to one?



"You know what you need?
Some new quotes in your sig.
Yeah, I said it."
-- DJFrostyFreeze

Roy.
Pepperoni








Since: 25.2.04
From: Keystone State

Since last post: 2301 days
Last activity: 771 days
#9 Posted on | Instant Rating: 4.84
    Originally posted by JayJayDean
    Are you sure he didn't reply to one?


No. He's been stupid before, but I kind of believe him when he says that he didn't. I checked his emails going back about a month, and he hasn't gotten anything suspicious looking.

Didn't see anything suspicious on the RootKit revealer, but it's hard to do this stuff when the computer is 200 miles away from me. Luckily, other family members (brother in law and sister) are smart enough to install and do stuff for me. Of course, the home phone bill might be a bit high this month.

Not sure how it happened, and we're watching everything carefully now. Dad wants to blow up the home computer and just "buy a damn new one" to be sure, but that seems a bit extreme. My guess is that he either filled out something he shouldn't have, or somebody got ahold of his password from the collector's boards that he frequents, and got lucky when the password matched his Ebay one. I've lectured him, and gave him Guru's advice on secure and unsecure passwords.

EDIT: Looking at service messages received from EBay (change of password notifications, attempted change of email notifications), this guy did all this from IP address 172.180.160.249, which I think is from AOL, which means that it's probably fake or stolen.

Oh, and can I just rant about the fact that EBay has NO phone number you can call? I found their HQ phone number on the SEC website, but nobody was particularly happy to hear my voice at that number, and they wouldn't help me at all. They asked me where I found their number and then basically said that there was nothing they could do. Jerks.

(edited by Roy. on 25.2.06 1906)
Thread rated: 7.39
Pages: 1
Thread ahead: Worms for Macs
Next thread: *exploit warning* Winamp: try again?
Previous thread: Microsoft Vista Gaffe
(578 newer) Next thread | Previous thread
I tried that...it didn't work either. So...I don't go on that long...just to download a few things, or play for a bit. I shutdown ZoneAlarm and use the Windows Firewall temporarily. It's ugly, but it works.
- cranlsn, Alternatives to ZoneAlarm? (2007)
The W - Internet & Computers - Computer Security QuestionRegister and log in to post!

The W™ message board

ZimBoard
©2001-2014 Brothers Zim

This old hunk of junk rendered your page in 0.074 seconds.