The new forums will be named Coin Return (based on the most recent vote)! You can check on the status and timeline of the transition to the new forums here.
The Guiding Principles and New Rules document is now in effect.
Email addresses were compromised.... Need help fast!
Hi. So all of my email addresses were hacked, and all my passwords changed. I finally got back into my yahoo to find this little gem:
Hello there dear family.. we all livin in yellow sub marine
I would ilke to ask you for some help me over here...
please transfer to my Libery Reserve account some money like 300USD
and I will give back alll acounts of <name> to him... well he can suspend them as well but... I don't know if he want this...
I will wait 4 days and after that I will start do stupid things like using his Credit cards amazon accounts etc...
YOUR familiy Hacker - the bad mother fucker
PS:
My Liberty Reserve account is U5533525
U5533525
U5533525
U5533525
U5533525
Also
Hello bro... I will give you time till 4th to send me 200LR USD as you alread earned on mint.com 700USD so you are rich... I don't have got anything to eat over here so if you will not send me this money to my Liberty Reserve U4415154 account than i will start do things which you would not like me to do..
have a good day bro
Please help me. I don't know what to do! I've deleted all my credit cards off of amazon, and deleted my mint account.
I've formatted my machine. Changed all my passwords and got all my email accounts back. I've contacted the police here and they took a statement with all the emails he sent to me. I am going to cancel my credit cards tomorrow, and call the credit bureau and put a fraud alert on it.
Assuming you're in the US... report this to your local FBI office.
Yes, seriously.
There's a lot going on here.
You mention police, did you call the local police? Depending on how big the department is there, they'll range from unhelpful to helpless. Call the FBI. They have a fairly extensive force dedicated to fraud and extortion. You're in Ohio sounds like? Here you go. Check if you're in the Cincinnati or Cleveland jurisdictions, then click the bold links to that section's site for contact info.
Thank you so much Hevach... I'll call them tomorrow when I wake up and see what they say.
urahonky on
0
ceresWhen the last moon is cast over the last star of morningAnd the future has past without even a last desperate warningRegistered User, ModeratorMod Emeritus
edited March 2011
Creepy as hell. I cannot emphasize enough the importance of changing every password you can think of right now, not just ones things that are directly finance-related. Battle.net if you have one, Xbox live, any subscriptions you might have... anything. It sounds like you're already on that.
Before you did the format, did you run a virus scan or anything to see if it could have been something on your computer? Logs from a program like Hijack This! might be useful.
ceres on
And it seems like all is dying, and would leave the world to mourn
Thanks I didn't think of battle.net... He stole my email for hotmail, which was my xbox live, but I'm in the process of getting that back.
I wish I had remembered to run hijack this but I was pretty scared that anything I was doing on that computer was being watched so I purged it real quick. Now I'm installing Microsoft Security Essentials.
Looks like my steam may have also been compromised as well..
If you get it back, validate your email address (File -> Settings somewhere). That way a hijacker can't change the email for the Steam account if they get access to your Steam login credentials.
...not that this actually helps if the actual email account is compromised, but it's extra security for the Steam account.
I keep saying that my email account is my life, and this pretty much proves that point.
The way I have it set up is that I have my main email account with my web host with a very secure password that I can't even remember (got it in my encrypted password wallet though). I've set that up to forward to my Gmail account, which is what I use for actual reading/mailing.
Contacted the FBI and filed a report (I gave them the IP address that was used to log into my facebook account in New Jersey). They also instructed me to file a report with the Internet Crimes website (www.ic3.gov) and I did. My wife will be canceling our credit cards today and getting new ones. I've printed all of the emails he sent me and filed them for safe keeping.
I really don't think it's worth the trouble for 100USD... Especially since he could be going to Federal Prison.
That's very true. I just have a hard time assuming if it's a kid, or if it's someone out of country. At first I immediately assumed that it was the out of country, but when I saw the NJ I thought about the school system there. :P
I'm still waiting on my hotmail account recovery thing to go through (ugh, damn you Microsoft) but as soon as it does I'll be changing the password for it, and the security question, and adding any additional security to it. I'm still a little nervous about the whole thing. I had a hard time sleeping last night.
I'm curious, you said ALL of your email addresses were hacked. Were you using the same username and password for everything? Did you find that your computer itself was compromised?
Same name for 3 of them, one was different. Password was same for 3, but not the other. No idea how he did it, unless he hacked into my computer and was able to retrieve saved passwords or something.
Which I'm not doing anymore. Also running Microsoft Security Essentials, turned the Firewall on, and am clearing the cache each time I close the browser.
Make sure to tell all your contacts to ignore emails from you that are asking for money or gifts.
Ironically that one email he sent that sounded like he wanted to send to my contacts was sent back to the original address, and no one else. I asked my parents to look at their email and they said they hadn't received an email from me.
Same name for 3 of them, one was different. Password was same for 3, but not the other. No idea how he did it, unless he hacked into my computer and was able to retrieve saved passwords or something.
Which I'm not doing anymore. Also running Microsoft Security Essentials, turned the Firewall on, and am clearing the cache each time I close the browser.
Probably just a MITM attack of some sort, or a trojan keylogging. Like if you typed http://mail.google.com, chances are the next two sets of words you typed would be your username/password.
bowen on
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
It probably wouldn't matter, obviously the best methods are safe browsing/email habits and virus scans. You don't use hot spots do you? Or even Wifi in general? It could be anything really.
Someone could just be snooping on your wifi at home if it were unprotected, or listened to network traffic at a hotspot.
bowen on
not a doctor, not a lawyer, examples I use may not be fully researched so don't take out of context plz, don't @ me
So I work for Yahoo!, and you should also report this to us too by going through the account security forms at help.yahoo.com.
Possibilities for how it happened are keylogger and Firesheep, if you use unsecured wireless access points.
Also though, this does not sound like the typical Nigerian scam that hits most compromised accounts. They usually email all your contacts pretending that you were mugged in London and need to be wired money. This sounds more like a script kiddie.
I do log in occasionally at my university's computer labs. Do you think they could be on there?
Depending on how tight a ship your school's IT staff runs: Yes, it's possible.
Public computers always make me nervous; they're a double threat. People do dumb shit on them so the probability of an accidental infection is higher, and they're also an excellent target for intentional infection, because you're going to catch more people for less work.
That's true. But I always boot the machine up and it looks like it's running one of those state machines, where after a reboot it returns to its original state. I guess it's possible that it could have infected the original partition...
Firesheep basically only works if you're on a totally unsecured public wifi and log in to your accounts. Keylogger, I guess. Probably on your home machine.
I googled around for RSA enabled webmail services and got nothing. That would be ideal for easing your anxiety. Even if they got your password, it would only be valid for, at most, 60 seconds; and I don't imagine that people watch a realtime feed from their keyloggers.
I feel slightly better that I've taken proper protocols to cover my ass, but still... Every time I look at that Yahoo! mail login screen my pulse jumps.
I wish hotmail would freaking let me have my account back!!! It's still in limbo.
Joking aside, this sucks, but it sounds like you have taken every precaution you can to cover your financial bases.
You did the right thing not giving money the first time, because stupid ass hackers like that know that if they get someone to give them money the first time then they can do it over and over again.
I googled around for RSA enabled webmail services and got nothing. That would be ideal for easing your anxiety. Even if they got your password, it would only be valid for, at most, 60 seconds; and I don't imagine that people watch a realtime feed from their keyloggers.
Google has actually recently set up an optional 2-stage verification system. If you've got a cell (preferably a smartphone) around every time you log in to google, it's something people should look into.
I don't have much help to offer aside from what's already been said, just wanted to say that sucks urahonky and I hope everything turns out ok for you.
The first thing you should do when something like this happens is completely disconnect the computer from the internet, download updates to scanning software like MalwareBytes and HijackThis on a different computer, and try to boot into safe mode and run them via flash drive. Your computer will probably still need to be formatted and redone from scratch, but you might be able to gather some important clues as to how it happened. (You also might want to use a flash drive without important data on it and format it too afterward.)
Posts
@gamefacts - Totally and utterly true gaming facts on the regular!
Yes, seriously.
There's a lot going on here.
@gamefacts - Totally and utterly true gaming facts on the regular!
You mention police, did you call the local police? Depending on how big the department is there, they'll range from unhelpful to helpless. Call the FBI. They have a fairly extensive force dedicated to fraud and extortion. You're in Ohio sounds like? Here you go. Check if you're in the Cincinnati or Cleveland jurisdictions, then click the bold links to that section's site for contact info.
Before you did the format, did you run a virus scan or anything to see if it could have been something on your computer? Logs from a program like Hijack This! might be useful.
I wish I had remembered to run hijack this but I was pretty scared that anything I was doing on that computer was being watched so I purged it real quick. Now I'm installing Microsoft Security Essentials.
If you get it back, validate your email address (File -> Settings somewhere). That way a hijacker can't change the email for the Steam account if they get access to your Steam login credentials.
...not that this actually helps if the actual email account is compromised, but it's extra security for the Steam account.
I keep saying that my email account is my life, and this pretty much proves that point.
The way I have it set up is that I have my main email account with my web host with a very secure password that I can't even remember (got it in my encrypted password wallet though). I've set that up to forward to my Gmail account, which is what I use for actual reading/mailing.
I really don't think it's worth the trouble for 100USD... Especially since he could be going to Federal Prison.
Two possibilities spring to mind:
- It's a kid (teenager), kids are more capable than they are wise; and a few hundred bucks is a lot of money to a person with no income (or expenses).
- You're one of a large set of people to receive those messages (the NJ IP could be a proxy masking someone operating outside of the country).
I'm still waiting on my hotmail account recovery thing to go through (ugh, damn you Microsoft) but as soon as it does I'll be changing the password for it, and the security question, and adding any additional security to it. I'm still a little nervous about the whole thing. I had a hard time sleeping last night.
I'm curious, you said ALL of your email addresses were hacked. Were you using the same username and password for everything? Did you find that your computer itself was compromised?
Which I'm not doing anymore. Also running Microsoft Security Essentials, turned the Firewall on, and am clearing the cache each time I close the browser.
Ironically that one email he sent that sounded like he wanted to send to my contacts was sent back to the original address, and no one else. I asked my parents to look at their email and they said they hadn't received an email from me.
Probably just a MITM attack of some sort, or a trojan keylogging. Like if you typed http://mail.google.com, chances are the next two sets of words you typed would be your username/password.
Someone could just be snooping on your wifi at home if it were unprotected, or listened to network traffic at a hotspot.
Possibilities for how it happened are keylogger and Firesheep, if you use unsecured wireless access points.
Also though, this does not sound like the typical Nigerian scam that hits most compromised accounts. They usually email all your contacts pretending that you were mugged in London and need to be wired money. This sounds more like a script kiddie.
I'll head to help.yahoo.com and I'll fill out the forms, thanks Lykouragh.
Depending on how tight a ship your school's IT staff runs: Yes, it's possible.
Public computers always make me nervous; they're a double threat. People do dumb shit on them so the probability of an accidental infection is higher, and they're also an excellent target for intentional infection, because you're going to catch more people for less work.
I wish hotmail would freaking let me have my account back!!! It's still in limbo.
That's sounds like WEP, and that's bad. It's cracked in about five minutes. Switch to WPA2.
Joking aside, this sucks, but it sounds like you have taken every precaution you can to cover your financial bases.
You did the right thing not giving money the first time, because stupid ass hackers like that know that if they get someone to give them money the first time then they can do it over and over again.
3DS FC: 5343-7720-0490
I think the guy was bluffing anyway... If he had the opportunity to use my CCs and stuff why didn't he just buy a bunch of shit and be done with it?
Hopefully it turns out a-ok.
3DS FC: 5343-7720-0490
Google has actually recently set up an optional 2-stage verification system. If you've got a cell (preferably a smartphone) around every time you log in to google, it's something people should look into.
The first thing you should do when something like this happens is completely disconnect the computer from the internet, download updates to scanning software like MalwareBytes and HijackThis on a different computer, and try to boot into safe mode and run them via flash drive. Your computer will probably still need to be formatted and redone from scratch, but you might be able to gather some important clues as to how it happened. (You also might want to use a flash drive without important data on it and format it too afterward.)