As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/
Options
Ugh identity theft
silence1186
Character shields down!As a wingmanRegistered User regular
Character shields down!As a wingmanRegistered User regular
Fuck it all, help me minimize damage, please?
I just got an email from apple saying my account had been used to purchase an app on a computer never before authorized to the account. Low and behold, my iTunes balance is going down. I am seriously concerned not just about my itunes account balance, but other, more real financial accounts I possess.
I just ran crap cleaner, which takes 5 minutes.
I am now running Kapersky anti virus, which takes 1-2 hours to do a full clean.
I was planning to run Ad-Aware, which takes 3-5 hours to do a full clean.
Ugh, I'm sick to my stomach over this.
I just got an email from apple saying my account had been used to purchase an app on a computer never before authorized to the account. Low and behold, my iTunes balance is going down. I am seriously concerned not just about my itunes account balance, but other, more real financial accounts I possess.
I just ran crap cleaner, which takes 5 minutes.
I am now running Kapersky anti virus, which takes 1-2 hours to do a full clean.
I was planning to run Ad-Aware, which takes 3-5 hours to do a full clean.
Ugh, I'm sick to my stomach over this.
silence1186 on
0
Posts
Get to a known-clean PC and change your passwords, especially your Apple account. I';d also see if Apple has a phone number you can call to get help on thier end, such as doing whatever they can do to stop any more content from being bought with your monies.
Cross your fingers and just hope the only thing they got was your Apple account, too.
I can has cheezburger, yes?
someone from china got into my itunes account a few months ago and spent $50 of my itunes credit - a quick call to apple support had them return my credit, freeze my account so whoever had access to it couldn't go buying shit AND i got to keep the apps the thief bought in the first place!
tumblr | instagram | twitter | steam
How do you contact apple? They only seem to have email support.
I changed my password instantly when I got the email saying "you have just purchased X app." Though it was on this particular computer, which is the supposed compromised one. I don't really have access to another "clean" computer, since the other users in my household are more irresponsible than me.
I don't understand how this can happen, I have no script, I routinely clean my computer for spyware et al.
Try technical support? They could point you in the right direction.
E: Upon calling Apple, they tell me they don't really have phone support for this sort of thing, and that I have to use email. So much for getting ahead of this.
With things like WoW accounts, for example, you often get people who definitely have their machines locked down, but still have their account broken into anyway (a good friend of mine had this happen a couple months back, and I know how careful he is). It seems like the "hackers" often try to brute-force people's passwords without actually putting spyware onto anyone's computer, so ANYONE can have that happen to them. Naturally, it's much easier for them to grab control of an account if you have a weak password. Did the password for your iTunes account (and possibly also your e-mail and similar accounts) have any symbols in it? Having a password be fairly long and have symbols in it increases the work required by someone to break into your accounts exponentially. They can still get in if they spend long enough, but it's much quicker for them to just brute-force a password like "badpassword" than "+H!$!$83++3Rp@$$w0rD", if the site allows it (unfortunately, some sites don't allow you to use certain symbols, so you may have to experiment with what you make for a while to get symbols in there).
Good on you for having NoScript, by the way! It's a very important piece of security.
I should probably just keep a physical notebook with my computer at home with passwords, so I can use more complicated long passwords I will never remember.
So someone could have just magiced up my apple id from somewhere (no clue how), and just brute forced my password? Blah, anything to prevent that in the future?
And yeah, I love NoScript.
I've heard rumors of apps that could steal your itunes info, usually Chinese apps. Have you downloaded any strange or unusual apps recently?
I don't have any apps aside from the iBook app that comes on the iPod, and I downloaded a metronome app because it was free, just to see how the app store works, and that was months ago. I've only downloaded music since that, and not since a month ago.
And how would the master pw be compromised on the LastPass server?
Somebody'd have to hack LastPass. Unlikely, but anybody who is storing tons of master passwords and a user database is going to be a bit of a target, eh?
You'll notice that when you hit "download" on their site, they definitely have a Firefox plugin (and I think that's what it was at first, but maybe the standalone program came first): https://lastpass.com/misc_download.php
The only way your password is likely to be compromised is if LastPass's database gets hacked, which ideally wouldn't happen with the security they must have in place (but naturally, someone getting into their system would be hitting the jackpot).
LastPass is a nice way to go, on firefox there's also the default password manager. To enable it, look under tools, then security.
Anyways, best of luck!