Announcement

Collapse
No announcement yet.

Identity Theft - It can happen to you too

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Identity Theft - It can happen to you too

    Right off the bat I'd like to say I'm a dumb-ass. For those of you that think your identity can never be stolen, guess again. I've been around computers all my life (25 or so years including a couple of degrees) and I guess I was too arrogant to think it couldn't happen to me. Anyway I wont lecture but two pieces of advice:

    BE CAREFUL
    RUN VIRUS SCANS

    Ok with that out of the way, does anyone have any information on how I can catch the bastard. I contacted my local police and as expected they can't help me. Ebay and Paypal are doing all they can in getting my money back, but I want more. The problem is this person is in Germany. The good news is, I have an address. I'm not so naive to think this is the criminals address, but it's a start.

    So does anyone have any suggestions on where to start? FBI? Ideally I'd like someone to stake out this address to see who is picking up packages there :) I know that is probably never going to happen, but I need to try something.
    flux
    [tg-c1]

  • #2
    Re: Identity Theft - It can happen to you too

    The FBI is your best bet, but they tend not to really do much of anything unless the loss is over $25,000.

    If you don't mind, PM me the details of the situation and I'll run it through the resources I have through my day-job. :)

    I do laugh at those people that don't run anti-virus and anti-spyware software and then post bragging about how safe they are because they know this-and-that and take some manual security measures. As you've shown, ANYONE can be a victim, regardless of your computer knowledge.
    Diplomacy is the art of saying "good doggie" while looking for a bigger stick.

    Comment


    • #3
      Re: Identity Theft - It can happen to you too

      If its a german addy, why not try to contact the police department in that town and tell them the situation.
      Might not produce any results, but its something.

      Comment


      • #4
        Re: Identity Theft - It can happen to you too

        If I spoke German I would.
        flux
        [tg-c1]

        Comment


        • #5
          Re: Identity Theft - It can happen to you too

          So, out of curiosity and a desire to cover my own butt, can you explain what happened and why a scan would have helped you?
          ~~ Veritas simplex oratio est ~~
          No matter how far a wizard goes, he will always come back for his hat. --T. Pratchett

          <---- You know you're getting old when you rely on your forum meta-data to remind you how old you are.

          Comment


          • #6
            Re: Identity Theft - It can happen to you too

            Surely a German operator speaks English? They have to have one, just see if they can contact someone over at the local police department and get a translator. If nothing else they should take it like an anonymous tip and look into it :)

            I myself am curious as to how they did it :/
            -Sirusblk

            Comment


            • #7
              Re: Identity Theft - It can happen to you too

              I jusr got back from germany and I would say a majority of German's speak english as a second language.

              I am 100% sure that the police have someone that speaks english for you to talk to.
              Certainly there is no hunting like the hunting of man and those who have hunted armed men long enough and liked it, never really care for anything else thereafter.
              Ernest Hemingway, "On the Blue Water," Esquire, April 1936

              Comment


              • #8
                Re: Identity Theft - It can happen to you too

                Originally posted by GhostintheShell View Post
                I jusr got back from germany and I would say a majority of German's speak english as a second language.

                I am 100% sure that the police have someone that speaks english for you to talk to.
                Thats what I understood. I would think its at least worth a try, to nab the guy who is stealing from you.

                Comment


                • #9
                  Re: Identity Theft - It can happen to you too

                  Where to begin... Well I made several mistakes, the biggest being leaving my machine outside my firewall after doing some playing around. I was trying to set it up so I could Remote in from work and just plain forgot to pull it back in. Well as you can imagine this opened the flood gates.

                  Had the criminal not tried to use my ebay account I wouldn't have noticed anything until my next credit card statement. For some reason paypal put a flag on my account, but never notified me of the suspicious activity. But actually paypal has been much more helpful than ebay. Ebay doesn't even have a phone number to call them. Anyway thats another rant.

                  So after calming down and thinking about the problem I decided they had to have attacked paypal first and most likely got my password from somewhere. So I ran a virus scan on my home machine. Well I couldn't update my definition files. I tried uninstalling the virus software and reinstalling with no luck. It would download the updates but would not install them. Some bogus error about not enough diskspace/permissions.

                  What saved me in all this was that I had just ordered a new Hard Drive that came 3 days before that I was still in the process of setting up. So I booted on the new drive and mounted the old drive. After installing the virus scanner on the new drive and scanning the old I found the problem -- rootkit.

                  The particular rootkit used was Hacker Defender which has been well documented and on virus scanners for some time, but because my definition files were unable to udpate for so long, I guess I never got these. Big mistake number... 3 now?

                  The lucky part about all this is now I can mount the infected drive without fear of further infection and dig around to see what all was done. So I found pwdump and a couple other password dumpers which is how they got all the other information they needed to login to my online accounts. I can also see gaps in logs that were obviously deleted after the attack, several lingering files related to the rootkit, one containing the hackers password :row__523:

                  Since the hacker also ordered stuff with my accts he/she had to put mailing addresses in my accts. Unless this is some moron this is surely not their home address. But, I also have access to several communications sent through my ebay account to sellers informing them to send via DHL and send the tracking number ASAP. So my guess is they either work for DHL or know someone that does.

                  My router still has the same IP address so I'm tempted to try and catch the hacker in the act again by setting up a honey pot. I'm not sure I'm confident enough to do this though.

                  So the moral of the story, never let your guard down. I got lazy and didn't think anything could happen to me even if I left my doors unlocked and open. Eventually someone will walk through.

                  I'd also like to note that just because you are behind a firewall does not mean you don't have to run virus scanners. A while back there was a virus found in the TeamSpeak install. So even files you know where they come from can infect you. You can never be too careful.

                  Never Again.
                  flux
                  [tg-c1]

                  Comment


                  • #10
                    Re: Identity Theft - It can happen to you too

                    Wow, thanks for sharing. Sorry to hear about that. Quick question: how did you pick up the virus anyway, regardless of firewall status?

                    3) Support game play in a near-simulation environment. Where the focus of play would not be solely on doing what it takes to win, but doing so utilizing real-world combat strategy and tactics rather than leveraging exploits provided to players by the design of the game engine.

                    Comment


                    • #11
                      Re: Identity Theft - It can happen to you too

                      Yes, thanks for sharing *runs virus scan* !
                      ~~ Veritas simplex oratio est ~~
                      No matter how far a wizard goes, he will always come back for his hat. --T. Pratchett

                      <---- You know you're getting old when you rely on your forum meta-data to remind you how old you are.

                      Comment


                      • #12
                        Re: Identity Theft - It can happen to you too

                        Picking on words here, but I wouldn't call it a Virus or even a Trojan, this was a rootkit implanted by someone hacking my machine. Virus Scanner is an unfortunate term as most virus scannersalso find any malicious code on your machine. Also I don't want people to think I picked up a virus by downloading something. This was implanted by someone actively pushing files to my machine while I was away.

                        I'm not certain yet how they got in. I haven't had much time to analyze logs and unfortunately my router does not log internet traffic. Once I find out more I will post here. I suspect is it some port that windows leaves open by default but I just don't know yet. We should all take a moment to take a look at all the services running on our machines and set them to off or manual if you don't use them.

                        A word of warning here too. If you have the Linksys/Vonage router it will not log internet traffic as most routers will. This is important if you suspect someone is trying to get into your network. I'm considering dumping mine in favor of separate router and vonage device.

                        Never let your guard down. The best I can tell all of this happened within two days. It doesn't take long.
                        flux
                        [tg-c1]

                        Comment


                        • #13
                          Re: Identity Theft - It can happen to you too

                          Originally posted by flux View Post
                          A word of warning here too. If you have the Linksys/Vonage router it will not log internet traffic as most routers will. This is important if you suspect someone is trying to get into your network. I'm considering dumping mine in favor of separate router and vonage device.
                          I called my broadband provider (COX Communications) and got a second IP address. I have a 100MB switch hanging off my cable modem and then have two routers plugged in to the switch. One router/firewall is for my home network and the other is my Vonage router/ATA. The only thing I use that Linksys/Vonage router for is my VoIP phone service and guest internet access at my house. If someone comes over and needs net access, they can either plug into that router and/or grab an 802.11G connection off an AP that is also on that network. I never let people on to my actual home network.

                          If that seems like a lot of work, you can also ditch the Linksys/Vonage router and go with a simple Vonage ATA device that plugs into one of the ports on the back of a more secure home router/firewall.
                          Diplomacy is the art of saying "good doggie" while looking for a bigger stick.

                          Comment


                          • #14
                            Re: Identity Theft - It can happen to you too

                            Originally posted by Apophis View Post
                            If someone comes over and needs net access, they can either plug into that router and/or grab an 802.11G connection off an AP that is also on that network. I never let people on to my actual home network.
                            There was a time where I would have laughed at this, but it sounds like a good idea now. I use to have LAN parties at my house, but not any longer so this isn't much of an issue anymore. There are people that come over that I don't allow on my machines though. They lost their privileges after I found out what sites they were going to and the crap they put on my machines. Actually my mother-in-law is not allowed on anymore for this reason and I refuse to clean her machine anymore.

                            Remember kids even though you know the person you don't know where their computer has been.
                            flux
                            [tg-c1]

                            Comment


                            • #15
                              Re: Identity Theft - It can happen to you too

                              Originally posted by flux View Post
                              There was a time where I would have laughed at this, but it sounds like a good idea now. I use to have LAN parties at my house, but not any longer so this isn't much of an issue anymore. There are people that come over that I don't allow on my machines though. They lost their privileges after I found out what sites they were going to and the crap they put on my machines. Actually my mother-in-law is not allowed on anymore for this reason and I refuse to clean her machine anymore.

                              Remember kids even though you know the person you don't know where their computer has been.
                              That is exactly my problem. Internally on a network you will often run services that you don't want publically available. Some of these services, if made public, are vulnerable to various virii, trojans, and rootkits. Allowing someone to plug in to your internal network is directly exposing your machine to anything hostile that may be installed on this guest machine. If they have some sort of infection that is capable of exploiting services you have open internally, you're taking a big risk.
                              Diplomacy is the art of saying "good doggie" while looking for a bigger stick.

                              Comment

                              Connect

                              Collapse

                              TeamSpeak 3 Server

                              Collapse

                              Advertisement

                              Collapse

                              Twitter Feed

                              Collapse

                              Working...
                              X