|
pshawny
Mycobian



Registered: 09/11/04
Posts: 1,332
Loc: Shroomery
Last seen: 15 years, 3 months
|
Online Identity Theft
#4966357 - 11/21/05 10:59 PM (18 years, 5 months ago) |
|
|
My friend just had his hotmail, ebay, and paypal accounts hijacked. His email password has been changed and he can't get into it. Someone listed a car for sale on his ebay account. He canceled his credit cards and is calling the bank tomorrow to check his accounts.
Another friend of mine told us that someone probably used a Trojan to get into his computer and used his cookies to access his accounts. What do you guys think?
What can he do in this situation? How can one protect themselves from this kind of thing in the first place? Thanks for any help, he's freaking out.
--------------------
|
Vvellum
Stranger

Registered: 05/24/04
Posts: 10,920
|
Re: Online Identity Theft [Re: pshawny]
#4966630 - 11/22/05 12:08 AM (18 years, 5 months ago) |
|
|
probably a keylogger or just someone who figured out his passwords.
protection? Anti-virus and hard-to-break passwords that change often. Avoid bullshit p2p networks like kazaa and whatnot. Dont download and open weirdo email attachments or programs without av scanning them first.
|
GulGen
Old Bird


Registered: 05/16/05
Posts: 307
Loc: I live in the Internet
Last seen: 17 years, 8 days
|
Re: Online Identity Theft [Re: Vvellum]
#4967129 - 11/22/05 06:32 AM (18 years, 5 months ago) |
|
|
Once you've got access to someone's email you can usually find passwords to other things in saved email messages. You know the ones, you sign up for an account somewhere and they helpfully send your login and password to the email you gave them. Or you can go to a site, say you forgot your pass, give them the email and they send it right off to you. Add in the fact that most people use one or a few passwords for everything they do and it's a recipe for disaster if someone malicious figures out your email pass.
To protect in the first place, use good passwords (not necessarily super unhackable "3j&Dn8k7G^q" kind of stuff, but at least not "sex" or "password", names of pets, etc.). If it was in fact a keylogger / trojan, those are generally avoided easily enough by being careful about what you open and what you do online. Sure, there are programs to catch them as they install or after the fact, but it's not too hard to avoid such things altogether if you're cautious and/or a bit paranoid.
It might also be worth considering if it could have been anyone with physical access to the machine. If someone competent has direct access to a computer and wants to be evil there's generally not a whole lot that can be done to stop them.
Now that the damage is already done, it's just a matter of cleaning up the mess. Definitely get a handful of anti-spyware programs to make sure that the machine gets clean (if it isn't already). Any accounts that have been compromised (ebay, etc.), look around for some way to either reset stuff or find an email address that seems appropriate. Tech support or fraud prevention or something. I don't know how successful such things may or may not be, but there's not really anything else in the way of options that I can think of.
|
daussaulit
Forgetful

Registered: 08/06/02
Posts: 2,894
Loc: Earth
|
Re: Online Identity Theft [Re: pshawny]
#4967908 - 11/22/05 11:26 AM (18 years, 5 months ago) |
|
|
get a hardware firewall, software firewall, Antivirus software, ad-aware, and spybot search and destroy.
|
yousuck
Stranger

Registered: 05/22/05
Posts: 616
|
Re: Online Identity Theft [Re: daussaulit]
#4968043 - 11/22/05 12:13 PM (18 years, 5 months ago) |
|
|
trojan? definitely possible if he had used a .exe from an unsafe source(but what sort of dumbass would do that?).
cookies? who the hell stores cookies anymore? is she using IE still?
sounds like just another one of the masses who is using a tool that couldn't possibly understand. Their needs to be some sort of license in order for people to buy and use computers. Too many dumbasses doing stupid things to get their computers infected, or being completely retarted and giving out information or keeping sensitive information in their email account.
FYI software firewalls = worthless
Before he goes about haphazardly downloading every virus blocker on the net, id reccommend he do the ol' wipe and reload.
|
pshawny
Mycobian



Registered: 09/11/04
Posts: 1,332
Loc: Shroomery
Last seen: 15 years, 3 months
|
Re: Online Identity Theft [Re: yousuck]
#4968449 - 11/22/05 02:09 PM (18 years, 5 months ago) |
|
|
Him and his fiance share the computer. Who knows what he or most likely she did. He told me his passwords for everything are the same, so that was his fault there. Is the firewall in a router good enough?
--------------------
|
yousuck
Stranger

Registered: 05/22/05
Posts: 616
|
Re: Online Identity Theft [Re: pshawny]
#4968493 - 11/22/05 02:19 PM (18 years, 5 months ago) |
|
|
firewall router is the only firewall you'll ever need. make sure he knows how to port foward and the such in case they use it for anything other than the internet. of course most programs that use different ports usually say what port to foward it on, and the router company web sites usually have a tutorial on it.
using the same password over and over again is fine, just make sure to have unique pw's for sensitive things like online banking and ebay.
|
|