Hackers stealing eBAY accounts!

[suprattgaz]

This happened to anyone else? I just logged onto my email account and saw 14 odd hair products that I had apparently put up for sale???!?!?!?!

 

eBAY recognised it was a third party unathorised to use my private account, but WTF?! What else can they hack into? I am really considering removing all internet email/paypal/banky things as I am very weary of all this now.

 

Not liking the sounds of this identity theft thing, it sounds like a royal pain in the arse

[Gaz6002]

I don't do any financial transactions on the 'net if I can avoid it. The reason for this is simple. I work in the industry and I know what goes on.

[suprattgaz]

I don't do any financial transactions on the 'net if I can avoid it. The reason for this is simple. I work in the industry and I know what goes on.

 

Oh!!! So am i right in thinking it to be wise to give up on internet banking etc? Is it really that dangerous?!

[Gaz6002]

Oh!!! So am i right in thinking it to be wise to give up on internet banking etc? Is it really that dangerous?!

 

I don't want to be a scare-monger and i'm not going to tell you it's 100% unsafe but in my opinion it's not worth the hassle.

[Blackie]

I don't do any financial transactions on the 'net if I can avoid it. The reason for this is simple. I work in the industry and I know what goes on.

 

how safes paypal and the little padlock in the corner of secure sites?

[Gaz6002]

how safes paypal and the little padlock in the corner of secure sites?

 

It's not the sites themselves you need to worry about. It's more about keeping your own information out of the wrong hands and that is a challenge we are losing every day. The padlock is indicative of a pretty safe site but it's only as safe as the info you use to log in with.

[suprattgaz]

I don't want to be a scare-monger and i'm not going to tell you it's 100% unsafe but in my opinion it's not worth the hassle.

 

OK, I understand where you are coming from. I'm not too good at this stuff, one last question then, is it safer (just your opinion) to do this stuff (bank tranx etc.) at work , on a secure (MOD) intranet rather than a home computer with Firewall and all that jazz, or is it all as bad as each other?!

[saboteur]

Nowadays computer systems and networks are MUCH more secure then back in the old days. I can say this with very good authority.

 

The weakness often lies not with the webservers security but with the users (i.e. you, me and the rest of the consumers). Peoples machines themselves aren't very well protected. Often it is very easy to access someones personal machine remotely... then install some kind of worm or trojan that is not detected by any scanners and will do whatever the 'hacker' wants it to.

[Gaz6002]

OK, I understand where you are coming from. I'm not too good at this stuff, one last question then, is it safer (just your opinion) to do this stuff (bank tranx etc.) at work , on a secure (MOD) intranet rather than a home computer with Firewall and all that jazz, or is it all as bad as each other?!

 

I only use telephone banking but I'd say it shouldn't make much difference depending on whether your home PC is safe. For that reason i'd say the MOD setup might be better for a less technical person.

[Blackie]

i run adaware before i go in to paypal and i also have my passwords already typed out in a file (not saying what there for) and i just copy and paste it, this will help against key loggers?

[suprattgaz]

Nowadays computer systems and networks are MUCH more secure then back in the old days. I can say this with very good authority.

 

The weakness often lies not with the webservers security but with the users (i.e. you, me and the rest of the consumers). Peoples machines themselves aren't very well protected. Often it is very easy to access someones personal machine remotely... then install some kind of worm or trojan that is not detected by any scanners and will do whatever the 'hacker' wants it to.

 

So am I right in thinking the firewall stops people from doing this? 100%?!

[Gaz6002]

i run adaware before i go in to paypal and i also have my passwords already typed out in a file (not saying what there for) and i just copy and paste it, this will help against key loggers?

 

Yes. But keyloggers aren't the be-all and end-all

[Gaz6002]

So am I right in thinking the firewall stops people from doing this? 100%?!

 

Depends on the type of Firewall. A hardware firewall is infinately better than a software one but at the end of the day it's down to what you chose to allow and you don't always know what that is.

[suprattgaz]

i run adaware before i go in to paypal and i also have my passwords already typed out in a file (not saying what there for) and i just copy and paste it, this will help against key loggers?

 

Wow, hang on, so if poeple can go onto your computer and route around, then if they find this file surely that is worse? I used to keep mine in a file for that reason as I had heard of this key logging thing, but then wondered what would happen if someone got hold of my little password document Am i just getting over cautious or what??

[Gaz6002]

Better safe than sorry mate. Thats why it's easier to say not to use it than it is to explain how to use it properly.

[saboteur]

So am I right in thinking the firewall stops people from doing this? 100%?!

 

Absolutely not!

A good written program will probably kill your firewall to transfer packets out of your computer system while making you believe that the firewall is still active.

 

There's no way to be 100% secure, but being cautious with what you install in your machine is definately a good start. Oh and keep your anti virus and firewall updates as often as you can, not forgetting browser updates which I think is the easiest way to access someones machine!

[suprattgaz]

Also, anyone know what I might have done for someone to get my eBAY details? I am ususalyy quite good at keeping my stuff secure, or can they just do it to anyone?

[suprattgaz]

Absolutely not!

A good written program will probably kill your firewall to transfer packets out of your computer system while making you believe that the firewall is still active.

 

There's no way to be 100% secure, but being cautious with what you install in your machine is definately a good start. Oh and keep your anti virus and firewall updates as often as you can, not forgetting browser updates which I think is the easiest way to access someones machine!

Do you mean "fake" browser updates?

[saboteur]

Wow, hang on, so if poeple can go onto your computer and route around, then if they find this file surely that is worse? I used to keep mine in a file for that reason as I had heard of this key logging thing, but then wondered what would happen if someone got hold of my little password document Am i just getting over cautious or what??

 

I would say that having password files on your computer is much more unsafe then typing it in everytime (like I do!)

The password files that store all your info is very convinient for hackers as it gives all the info in one conveinient place... and the encryption on those files is VERY weak indeed!

[suprattgaz]

Better safe than sorry mate. Thats why it's easier to say not to use it than it is to explain how to use it properly.

 

Thanks for the advice, appreciate it

[saboteur]

Do you mean "fake" browser updates?

 

No mate I mean keeping your browser, e.g. internet explorer or firefox or whatever and getting the latest security updates available from their respective websites.

[suprattgaz]

I would say that having password files on your computer is much more unsafe then typing it in everytime (like I do!)

The password files that store all your info is very convinient for hackers as it gives all the info in one conveinient place... and the encryption on those files is VERY weak indeed!

 

Thought as much, my file went a long time ago - SO STAY AWAY EVIL HACKER PEOPLE, NOTHING TO SEE HERE!!!! I can see you

[DrivingTheDream]

Also, anyone know what I might have done for someone to get my eBAY details? I am ususalyy quite good at keeping my stuff secure, or can they just do it to anyone?

 

 

Loads of spoof emails through eBay mate, could you have replied to one by accident?

[saboteur]

Also, anyone know what I might have done for someone to get my eBAY details? I am ususalyy quite good at keeping my stuff secure, or can they just do it to anyone?

 

There's alot of emails I get where people say, "can you verify your ebay details to us please?" and then try and send me to a real looking fake website designed to get my user and password.

 

Even the URL can look very real. For example: http://[email protected] will NOT take you to ebay but the ip address that follows.

 

It's all very clever and I spent much of my youth learning it all which is why I'm pretty clued up.

 

Stay safe, use common sense!

[suprattgaz]

There's alot of emails I get where people say, "can you verify your ebay details to us please?" and then try and send me to a real looking fake website designed to get my user and password.

 

Even the URL can look very real. For example: http://www.ebay.co.uk/@192.0.0.1 will NOT take you to ebay but the ip address that follows.

 

It's all very clever and I spent much of my youth learning it all which is why I'm pretty clued up.

 

Stay safe, use common sense!

 

I hope I do, hence why I am so miffed that this has happened to me?