E-Gold Spoof
How to keep from getting hacked at e-gold
The spoof email I received below was designed to capture my login and password. It was NOT sent to me by e-gold. Notice the look alike URL in it . Go to it and you will give up your login and password to the hacker who will then proceed to clean out your e-gold account. Notice they can't even spell the word "using" correctly.
** e-gold Account Information Update Notice ** e-gold account number: ****** Items updated: Point of contact Update performed from IP address: 213.51.36.144 Time of update: 11/17/2005 12:36:03 AM GMT This automatic email notice lets you know that modifications have been made to the Account Information settings for your e-gold account. The current settings for your account can be viewed and modified at the e-gold website by choosing the Account Info menu selection while accessing your account. If you did not make a change to your account before receiving this email message, you should login to your account useing this link
https://www.e-gold.com/acct/login.html
immediately! Please do not reply to this automatically generated email message. If you click on the link provided above it even has a padlock that shows up in your browser. These guys are getting good. I sent the above email to e-gold and asked them if they sent it. Here is their response: "The email you received was not sent by e-gold Ltd. It was a fraudulent attempt to compromise e-gold accounts through a scam known as "Phishing". e-gold will never send you an unsolicited email asking you to access your account from a link in an email or click on a link in an email. Please review the security alert on the e-gold site for more information. If you clicked on the link or if you opened the attachment, there is a strong possibility you may have a Trojan virus on your computer! Thank you, e-gold Service"
A real account change email that I received back by going directly to www.e-gold.com and making an account change to see what a real email from them would look like is shown below. Notice the subtle differences and that there is NO login link provided to check with.
** e-gold Account Information Update Notice ** e-gold account number: 115702 Items updated: Security Level Update performed from IP address: 211.155.252.22 Time of update: 11/17/2005 4:03:16 PM GMT This automatic email notice lets you know that modifications have been made to the Account Information settings for your e-gold account. The current settings for your account can be viewed and modified at the e-gold website by choosing the Account Info menu selection while accessing your account. If you did not make a change to your account before receiving this email message, you should immediately contact e-gold using the contact instructions available at the e-gold web site. (For your security, never click a link in an email message to get to the e-gold web site.) Please do not reply to this automatically generated email message. Notice there is NO URL link provided in this message and notice the difference in the IP addresses in the two messages.
It's a Problem
Several people have emailed me recently complaining of having their e-gold
accounts cleaned out. Most of you are aware I don't use e-gold unless I
absolutely have to. E Gold is called hacker's heaven for a reason; IT IS.
And the reason most accounts are hacked into is because you are clicking on
spend to boxes via illegitimate programs that have look alike e-gold spend to
pages but they really aren't. They are simply designed to capture your login and
passphrase. I personally received this morning a supposed message from e-gold
stating my account settings had been changed and it included a link at the
bottom to login with to verify my settings (shown above as first example). DON'T
EVER use a link that comes in an email to log in to e-gold with. These
guys are getting very sophisticated all the time. It is getting harder and
harder to tell if the spend to page is real or not. They are even able to
duplicate the padlock we normally look for in the browser line at the bottom.
What I do is this. I have a separate e-gold account that I use to do my spends from, to any questionable or new program that won't allow me to go directly to www.e-gold.com independently and do my spend via. In other words I HAVE to do my spend to them via their egold spend page. This is especially true for the tons of get paid to surf and hyip programs out there that come and go; because many of them are ponzis and outright scams designed to capture logins and passwords to clean your account out with. Their offer or scam program has little to do with why they are there. I transfer money from my regular egold account to this account and only in the amount of the spend I want to make. I then quickly do my spend from that account to the program and leave that account empty so if it was a spoof page I spent from that there isn't any more for them to go in and clean out. Sad to have to do business this way but it's just more proof that Yahshua (Jesus) is coming soon.
In most of the get paid to surf programs you can get paid INTO your regular account and still pay THEM when upgrading from your protected account that you only put money into just before your spend to them.
Another way hackers get to you is by using
sophisticated keyboard logger and search programs that randomly insert
passwords. The protection against this is twofold. One, use the SRK button when
logging in your passphrase so you are using your mouse to select the passphrase
digits instead of your keyboard so if you happen to have a keyboard logger piece
of spyware installed on your computer you won't be giving up your passphrase via
the keyboard. You can actually do this for entering any password to any site. Go
to Start menu, programs, accessories, accessibilty and keyboard and
there you can enter your passphrases using an onscreen keyboard activated by
your mouse instead of your regular keyboard.
Secondly - use at least a 16 digit passphrase comprised of numbers, little
letters, capital letters and symbols. It takes this many digits to keep the
automated search programs the hackers use from randomly selecting your
passphrase.
ALSO
In your account settings page at the bottom make sure you have your account
sentinel settings set to maximum protection. These are found at the bottom of
your account page.
Set the first block to high, the second to enabled, and the third to disable.
Establish what your IP address is and only allow access via that IP address.
Same with phone number. It's a pain logging in when you have to go through the
PINN number thing all the time but you would like to keep your money intact,
right?
E Gold advice
If you login to www.e-gold.com and
click on "access your account" you will notice on the front page that
asks for your login information a link that says
"Keep your e-gold account secure...." click on that link where
the guy is trying to open the safe and it gives you a whole bunch of guidelines
for keeping your account secure. I list these here for you without the pics.
Restrict access to your e-gold account
e-gold's Account
Sentinel™ (a.k.a. AccSent™) enhances the security of your e-gold account
by enabling you to direct the circumstances under which your account may be
accessed. AccSent was designed to provide you an additional level of protection
in the event your passphrase is compromised due to poor security practices on
your part (we hope this does not describe you!). However, AccSent's features
should not be regarded as diminishing the importance of reading and practicing
ALL of the recommendations on this page.
Do not click links in
unsolicited email messages
Do not fill out forms in e-mail messages
e-mail may not be from
who it claims to be from (i.e. spoofed). Many common
Internet frauds start with spoofed e-mail.
Viruses can be
delivered to your computer by simply looking at a web page using a
vulnerable web browser. | |
Verify website identity before entering passphrase
Fraudulent "phishing" websites designed to trick you into divulging your passphrase or other sensitive information are common. Spoofed e-mail (see above) is commonly used to lure victims to phishing websites. Never assume that a website is the website you intended to be at based on its appearance. Before entering your e-gold passphrase, ensure you are at the real e-gold website by:
Checking for an active
padlock
in the browser status bar.
Checking the browser
location bar for a site name beginning with (exact spelling is critical): https://www.e-gold.com/
| Checking
the SSL certificate being using for for appropriate "Issued
To", "Issued By", and Thumbprint fields. At the e-gold web
site, these values are: |
|
Keep your operating system and applications updated
Use Windows Update to make sure you have the latest security patches installed. Also check for updates to your application programs, especially Microsoft Office.
Use a hardware and/or
software firewall
(I use Zonealarm Security Suite which has a firewall, antivirus and anti spyware
all built into one clean package www.zonelabs.com
).
A firewall can protect your computer from malicious traffic. A hardware firewall/router (such as the many offerings of companies like Linksys, D-Link, SMC, and others) acts as a barrier between the outside world and your computer. A software firewall, such as ZoneAlarm, performs that function to a lesser degree but can also block malicious programs on your computer from sending data out to the Internet. Windows XP includes a simple firewall, but it is disabled by default. The free version of ZoneAlarm does a very nice job.
Do not run untrusted applications
Running any program that
arrives via email or that was downloaded from the Internet can be dangerous.
Only run applications that you wish to grant complete access to your computer
and the data contained on it.
Especially don't run applications that have a .exe after them unless you
absolutely know where they come from and what they are supposed to do.
Upgrade to a better
web browser
You're already using Better MoneyTM - now choose a better browser. Mozilla's Firefox is available for almost every operating system and has many security and privacy advantages. Try "tabbed browsing". Manage your cookies. Block pop-up windows. The features are many, but the cost is low - in fact free. (Note that e-gold donations are accepted by the Mozilla Foundation).
Use an Anti-Virus program
If you follow all of the the above recommendations a virus will have difficulty infecting your computer. However, since a computer virus can be a vehicle for a criminal to gain total control of your computer and thereby any information stored on, sent by, or received by your computer, it is prudent to install antivirus software from a reputable source and run it regularly. Since new viruses are discovered daily, it is important to keep antivirus software and the virus definitions it uses for detection up to date at all times.
Educate yourself
Become a smarter computer user with regard to security issues. Here are a few places to start:
www.e-gold.com/unsecure/alert.html | e-gold Security Alert Page |
www.cert.org/tech_tips/home_networks.html | CERT Home Network Security |
www.microsoft.com/security/home/ | Microsoft Security Basics for Home Users |
www.isalliance.org/resources | Common Sense Guide for Home and Individual Users |
www.nsa.gov/snac/ | NSA Security Recommendation Guides |
grc.com/default.htm | Gibson Research. Info on Spyware, Shields-UP/port scan. |
www.antiphishing.org/ | Anti-Phishing Working Group |
www.securityfocus.com/ | Security Focus community homepage |
pcvirus2000.web.cern.ch/pcvirus2000/ | CERN antivirus support website |
security.web.cern.ch/security/passwords/ | Password Recommendations at CERN |
security.web.cern.ch/security/Recommendations | CERN Computer Security Recommendations |
Close your door! Off hook your telephone! Cancel all your assignments!
You are going to read the most sensitive information about your StormPay, Paypal
or e-gold accounts. If you miss today, you can lose every penny from your
accounts or even may not have access to them tomorrow. Monsters of cyberspace
darkness are after you. They shall catch you one day if you don’t know all the
tips given in this article.
Are you *feeling* Insecure?
You are not secure on internet at all. Whatever safeguards you develop, the hackers shall maneuver new techniques. However, you can feel much secure if you know: What is the SSL? How hackers intrude into your secure account? How to avoid financial loss?
What is SSL Server?
Secure Socket Layer (SSL) means a standard for establishing a secure communications channel to prevent the interception of your critical information. Primarily it enables secure electronic financial transactions on internet. All money processing companies such as StormPay, Paypal, and e-gold etc use the most secure socket layers at their servers. Hackers with their extreme skills and powerful computers (theoretically) can’t intercept your communications with these companies. But you might have experienced or heard that hackers have been accessing secure sites. Millions of dollars are drained every year from processing accounts.
How the Hackers Break Into Your Secure Accounts?
Hackers have been developing horribly sophisticated skills to access your secure accounts. If you are a programmer you may like to develop anti-hacking software. However, if you are a common man like me you can make yourself securer if you don’t let them access to your password. In most of the Paypal hacking incidents, people provided their secured information willingly to the hackers without knowing it.
1. You Send Your Secure Information Through Email:
Email is insecure mode of communication. It can easily be intercepted. So it is dangerous to send your secured information through email. However, it is last nail in your financial coffin to send your user id and password directly to the inbox of a hacker.
How is it possible?
You receive an email from Paypal admin that due to some technicalities they have messed with your account. They ask your user id and password to fix the problem. You see that “From” field contains anything@paypal.com . You have nothing to fear and send your information directly to the inbox of a hacker who is misrepresenting as admin of the Paypal. There are programs which can hide real contact of the sender with some fake email address.
2. You Disclose Your User Id and Password to Hackers at their Websites.
It is stranger but it easier than the previous
one. You receive a security alert from Paypal which requires you to log-in
through the link or provided with the email. But in 100% cases that URL or form
shall take you to some fake website that shall look like that of Paypal. You
supply your user id and password but the log-in page of the Paypal re-opens.
Alert!
You have been hacked. Don’t think that you had mistyped your password (which we often do). Log-in to your account and change your password immediately.
3. You Pay hacker to Break in your account:
You may term me crazy but it is the most dangerous strategy that hackers use. They build a business-like website and put some products for sale. You visit their site, select a product and click the payment button of any company. You may land at a fake website having copied web-pages of the concerned company. You try to log-in but that page reopens. Not having Paypal hacking idea, you submit your information now at the real site to pay him $20.00 for the product. Next day or after some time you may find your account empty.
4. Misspelled Domain Name:
Anybody can get a domain name registered for a few bucks. The hacker shall simply get a domain name closer in look to the any of the money processing companies but with different spellings such as stompay, paypla etc. Now it is matter of time. Whenever you make a typo (we do often), you shall land at this fake website. Thinking it genuine one, you put your secured information in the hacker’s files.
How to Avoid Financial Loss?
You are responsible for security of your password. You can avoid major financial losses if you take following pre-cautions.
Change Your Password Frequently:
You don’t know whether your last deal was with a genuine businessman or a hacker. Even if he is a real business, it will take only a few seconds to change your password after each transaction. If that is not possible then change your password at least once a week.
Never Email Your User Id and Password:
Whatever reason the president of your money processing company may quote, never send your user id and password to him via email. In fact the company does not need your user id and password to fix any technical problem.
Never Log-in from links in Your Email:
Never log-in your money processing account from any link or form that you receive through email. In 99% cases you shall be hacked.
Look for a security lock at your browser before Logging in. Whenever you process your money online your browser should display a security lock icon. In the case of Internet Explorer it appears at lower left part of your window. If you don’t find such a security lock you are at risk. That is not original website of the company.
Always log-in from Your Favorites Folder:
To avoid typo mistake, you should always log-in to your money processing accounts from your “Favorites” folder. You MUST Type URL of the company very carefully for the first time. After that whenever you shall visit the site from your “Favorites” folder, you shall reach to the genuine site. If you are too green, it is very easy to add a site to your “Favorites” folder. Just follow these steps if you use Internet Explorer:
Click “Favorites” at top menu bar of your
Internet Explorer. Click “Add to Favorites” from the drop-down menu.
A new window shall open. Click “New Folder” and name that Accounts. Select
your “Accounts” folder and click O.K. It is done!
Always Log Out after completing Your Operation:
Many people lose their money simply by not logging out from the secured sites specially at public terminals. There is nothing wrong if you develop habit to log-out every secured site even at your home P.C. You don’t know when your children may mess with your accounts innocently.
Watch Out For Cookies:
Most of the money processing companies put their cookies at your computer when you visit them for the first time. Whenever you re-visit your account, you shall see your user id field already filled. Just enter your password and you shall have access to your account. However, no false website shall display your User Id upfront. But it doesn’t mean that every secured site which does not show your id is false. You may have lost your cookies for one reason or the other. However, it is good to be watchful.
Always Opt for Email Notification for Each transaction:
When you create an account with any of the money processing companies, always set your preferences for email notification per each transaction. If somebody transfers money without your knowledge, you shall get an immediate email notification. You can contact the company admin and they may be helpful in some cases.
9. Always Use Complicated Passwords:
Sometimes hackers use codes to break into your secure accounts. It is much better to use complicated passwords which not only include digits but also a mix of capital and small letters.
Whatever measure you adopt, you can’t guarantee that your secure accounts shall not be hacked. The best advice is to keep as little money as possible in your money processing accounts. If your accounts are hacked you shall lose very little.
10- Don't Give Your Downloadable Return Page
I have seen some newbies providing their download page as their return page for the StormPay button to make the access INSTANT. It is dangerous because StormPay shows your return page in the source code of your web-page. There is particular part of a StormPay payment button at my website:
If your return URL is your download page for 'INSTANT ACCESS" anyone can download your products without paying you a penny. Some people have reported such type of problem with the PayPal too but I don't use their services so I can't comment about them.
Published without permission of Saqib Ali, but I'm sure he won't mind as this information is so important everybody should be able to read it.
If any of you have more suggestions you would like to see on this page, please send them to berry@detailshere.com and I will post them.