PlanetZ forums - scopeusers.com

I recently received a genuine email saying that my ebay account had been compromised and that I should change my password/access code.

I'm just wondering if anybody had seen similar signs around here. Perhaps some Planet Z members might have some posts missing and new members might have been skimming numbers ...........

I think the mail you got is infact, not genuine. I doubt ANY internet entity will ask for your login/pass. It just wouldn't make sense.

that is called phishing.
if you respond then you have been caught and your personal info is compromised. DO NOT even click on the link to check it!

changing your login is fine and maybe even a good idea at this point, but don't do it through that email in any way.

<font size=-1>[ This Message was edited by: garyb on 2006-08-13 01:01 ]</font>

The e-mail you got probably has a link for a false site which will in turn use your original password and credit card information.send the e-mail to ebay.

It's really doubtful that your email was in any way connected to Planetz, even if the originating address 'seemed' to come from someone here. They fake the headers when they send that stuff out so that it appears to come from other people.

Google 'phishing'. Netcraft's Firefox & IE 'bars' and Mcaffee's 'siteadvisor' browser plugins help prevent going to potentially problematic sites like that btw (I install the mcaffee one on FF for the less tech-savvy people in my family).

These kind of mail with phising have been around for about two years now, so don't answer, its a trap for you to fall. If you have changed it through the link in the mail, go inmediately and change all your security passwords again, and contact the "real" administrators to stop any posible problem.

No, it seemed genuine. There was no link. I had to go to the ebay site. They had already reset my password.

The comment re Planet Z was a poor joke about members stealing others posts to make up numbers. Bit obscure.... like my brain sometimes.

_________________


<font size=-1>[ This Message was edited by: emzee on 2006-08-13 18:14 ]</font>

no no, the site you went to is a bogus site! It's a copy of the ebay site. There are already scams like this for paypal and possible other places. Be carefull!

OK...I'd better check this out. I also changed my paypal and many other passwords. I'll let you know. I have my ebay link in "Favourites". Is that usually secure? I'm running XP with SP2 Network edition which I thought was fairly secure.

Contact them by phone, let them check it out for you on the screen, while you are at phone, you'll sleep better that way.

Ken is right, they really make site copies.
I got those (type of) emails also, check the urls, it's easy to detect.

Thanks Nestor... and thanks to all for your concern. I truly appreciate it.

I've gone to the site by manually typing in the web address and logging in. The security issue emails and password change emails were all in my inbox. It would appear to me that the only way this is non-genuine is if my computer had been hacked.

For peace of mind I will call them on the phone.

Thanks to all again.

well, I automatically delete most of e-mail that say either ebay or paypal since I don't use either of them. My wife recently started doing ebay and paypal, and started getting the fraud mails. The mail has nothing to do with your computer being specifically hacked. Your email address is already all over the place. The fraud mails just go through the list of leaked e-mails.

Check the URL. It's usually ebay something, or paypal something, but the full address is different from the real one. Maybe just by a little, but different none the less. The login screen is just there to grab your login and pass. The bogus page will never be on the same server as ther real one.

Anyhow, just always keep in mind that any internet service will NEVER ask you for your log/pass. Just like your bank will never call you just for your account number and PIN.

<font size=-1>[ This Message was edited by: kensuguro on 2006-08-13 21:33 ]</font>

It´s simply crime what is going on nowadays and in the past.
All those faked e-mails, asking you for your account numbers, pin, logins...

I really don´t understand why those people aren´t arrested and the faked sites aren´t closed.

I get regular three e-mails from the volksbank(fake) here in germany, asking you to visit a site and enter your datas.

When I would be the volksbank I would spent some money investigate the owner of the site and put him in jail, at least.

On 2006-08-13 21:30, kensuguro wrote:
...
Check the URL. It's usually ebay something, or paypal something, but the full address is different from the real one. Maybe just by a little, but different none the less. The login screen is just there to grab your login and pass. The bogus page will never be on the same server as ther real one...

that was only in the beginning...
in fact current attempts are absolutely professional and you have no chance at all, (not even if you consider yourself quite sophisticated with these things) to tell a real from a hijacked connection.

ignore anything security related that comes in via email

email is as open as a postcard and even the password to a 'regular' mailbox is sent in plain letters over the net.

there will NEVER be any important content (in security or financial context) sent this way by your business partners.

cheers, Tom

On 2006-08-14 00:12, ChrisWerner wrote:
...I really don´t understand why those people aren´t arrested and the faked sites aren´t closed...

as mentioned before, this is a business - and it's executed professionally as such...
Based on statistics like if one idiot among a thousand receipients does the click, this is a thousand fools per million.
This stuff is highly automated and operated from regions outside legislative access of the 'polluted' countries.

According to rumors those 'organisations' are supposed to have more access to accounts than they have possibilities to 'wash' the money...

cheers, tom

I figured that was a possibility. Which leaves everything on the net open ended. I'll take reasonable precautions. Other than that, there is one thing that keeps me from stressing. I'm too poor to give a shit.....

it's not unreasonable to assume those frauds rather focus on small(!) amounts, as the costs of legal actions exceed the value...

I have recently bought some templates for a friend of mine through the web with a credit card. As I don’t have a credit card, I asked my friend to pass onto me his, it is a special kind of card that is becoming more and more popular today, called Cybercard. It is in fact, a VISA Cybercard.

How does it work? Well, you load to the Cybercard “exactly” the amount of money you need to by the item you are looking for, just before the buy. Once you bought, there is no money in the Cybercard, till you decide to buy next time. It is a pretty secure way to buy, and, even in the event of being stolen, you’ll be stolen the amount of an item. Of course, this card is suited for small amounts of money. If you were to use it for your business and need to handle large amounts of money, this is better done in the bank itself.


About those guys:
It really is amazing that people like this could exist, what a bunch of idiots they must be to think this way! Of course the justice should do more, but more is being done everyday about cybercrime, it is being implemented even in the poorest countries around the world.

Anyway, I’m afraid that, it doesn’t matter how hard security teams will try in the future to come up with extraordinarily complex protocols and rules, programs, systems and hardware, to stop criminals to full people, they will always succeed at the end, because information is accessible everywhere in the planet. Long time ago, information was for the few, and you could know who knew what, today everybody with a computer can know about absolutely anything in the world... this is the internet, for the best, and for the worst.

The fight between cybercrime and cyberjustice will never end!
The important thing is to be always at the edge of technology about this, keep well informed on the “HOW TO” procedures to play save o you are not deceived when buying and trading over the net.

It is awful to admit it, but we are forced to a never-ending learning curve in terms of security, they will “never” be a definitive perfect security system in the “software” world, this is mathematically impossible. The more we advanced toward more complex programming, the more there will be hidden holes to enter your privacy from. Lets face it.

Now, is this really a software-security related problem? I don’t think so, I think the problem is humanity, that is getting crazy! The problem is us, not the internet.

Luck of human values like: honesty, sincerity and loyalty, are the real problem behind privacy, not software. I don’t yet know a program that will jump onto my privacy by itself, go out with my hard-earned money to drink a beer and eat some cocktail at my expense, without a brainless idiot behind it!