Hackers?
doubledragon
Posts: 22,976 ✭✭✭✭✭
So, the past few weeks I have been poking around online, looking for certain cards that I can't find on eBay. There is a website I clicked on, and they have a pretty rare boxing card that I want. I'm pretty sure the webite is legit because the people that run it are reputable sellers on eBay, but when I clicked on their website, a thing took control of the website and sent me to a page that says, "congratulations you're the Google 5 billionth search, claim your prize!" I couldn't get rid of the page and had to turn off my phone and reset it just to get rid of it. This is very frustrating because I know the website and sellers are legit, but there's no way I'm typing my credit card information into that website after seeing that. Have you ever had the Google 5 billionth thing pop up on you? Here is what it looks like:
Comments
I’ve had that happen to my IPhone a few times, when it’s happened I just X out and start over, usually that works just fine
PM me the info and I can see if it happens when I try Double D...
Stupid popup ads, I hate those, and they are largely not legit - especially that particular one.
Yes, I just entered the name of the website into google search and when it brought up the website thing to click on to go to the website, it now says in yellow letters underneath it, "this website may have been hacked."
The name of the website is: Aaron to Zito
This is a shame because I know they're legit sellers.
My understanding about this, is that it's not actually the website that usually gets hacked, it's the server, in particular a shared server. And yes, providing your info would have likely been giving it to some foreign scammer somewhere living in parts unknown.
I will shamefully admit I played along with one of these thinking I actually won a $1000 Walmart Gift card. I got to the last step and realized I was an idiot. Since then I have been on a rampage with telemarketing schemers trying to play me, I actually listen and answer the robotic voice on the other end until I get a live person and ask them a ton of questions letting them think I’m naive and get to the point that they are ready for the last few fake numbers of a CC and tell them in so many words where they can go ☺️
I would think that if they're offering rare boxing cards, they should have a phone number.
Actually ordering by phone is the safest way to provide someone credit card information, away from possible prying eyes.
I know what you mean, there was a scam artist about a year ago that a scammer called my mother and ended up getting her to buy a $100 googleplay card and giving him the some kind of information. She bought the card and when I found out about it, I was livid. I ended up calling him and I could tell he was from another country by his accent. I gave him a big piece of my mind. I still get angry when I think about it.
Well, they mainly sell PSA graded baseball cards, really nice cards, high quality PSA 10 stuff. They have some of the nicest PSA 10 cards I've ever seen. They have a few ungraded raw cards from other sports as well.
These no good scam artists, they really crossed the line this time. I've got ways of getting my revenge. I've know how to make voo doo dolls, I have a recipe book for spells, I even have connections to gypsies. You don't screw with a gypsy, they'll put a curse on you. Man, I was all ready to buy that Larry Holmes card, and now these no good swindlers have taken over the website. Double D is upset!
Advertising servers (google ads) can get these inserted in the ad rotation as well.
i did a little research and it does appear that website has been hacked.
by Mike Schmidt...
George Brett, Roger Clemens and Tommy Brady.
I have been poking around, and apparently Google is responsible for flagging their website as "this site may be hacked. I found an interesting article about this:
“This Site May Be Hacked” are words no webmaster or SEO manager wants to hear. As if a breach to an enterprise’s website (and the financial cost and public relations fallout associated with it) is not bad enough, a site hacked with malware or spam can cause an entity’s organic search engine rankings to take a nosedive. As one of the objectives of an effective SEO plan is to obtain and then maintain a presence on the first page of a web search query, compromised websites that feature viral links to a hacker’s site, or hacks that result in the quarantining of a website, can have a devastating effect on an enterprise’s SEO.
To understand how hacking can damage an enterprise’s SEO efforts, it is helpful first to understand what a website hack is, and how it most commonly occurs. Simply put, unauthorized hacking is defined as obtaining access to a website or computer network without the permission of its owner. Illegal hacks are typically initiated for the purpose of accessing protected information, or for using a legitimate site as a conduit to redirect users to a hacker’s website. The two primary tools used by hackers to compromise a website are malware and spam.
Malicious software, or malware, is designed to damage, disable, or otherwise grant an unauthorized user access to a computer, system, or network. Malware is most often used to covertly siphon sensitive information, resulting in a data breach. The ramifications of a malware hack on an enterprise’s website can be serious and far-reaching.
Illegal hackers are computer programmers or engineers who use their knowledge of software and operating systems for nefarious purposes rather than for good. These hackers dissect computer programs to identify vulnerabilities within existing software and then create a new program (malware) with the sole purpose of exploiting those weaknesses. A hacker will distribute this malicious software across the internet, where it will automatically search the web for sites using the vulnerable software. If a site is running the targeted software, the site is attacked by the malware, which discreetly embeds itself into the operating code, giving the hacker access to the system. With control of the system, the hacker has the potential to harvest sensitive data critical to an enterprise’s operations or to begin spamming from the website.
Website hacked with a Padlocked KeyboardWebsite spamming occurs when a hacker inserts hypertext on a webpage that, when selected by a site user, links to the hacker’s desired destination. Embedding spammy links on highly trafficked websites to redirect users to a hacker’s site increases the hacker’s search engine rankings, without having to do the honest, expensive, and time-consuming work of marketing and brand-building. Essentially, website spammers are the bad guys who use the good guy’s hard-earned SEO rankings and positive reputation to shortcut the system as a way to increase the perceived value of their own site, while diminishing the ranking value of the guy who has played fair.
Consequences of a hacked website
At the end of the day, whether a website has been hijacked by malware, spam, or a combination of both, the results are never good. If a malware infection targets database files containing the personal or financial information of the enterprise or its clients, the resulting security breach can be devastating. Spammers that leech traffic and customers from a legitimate website can exact a high cost on an entity’s search rankings, which in turn means fewer organic visitors to a site, potentially reducing revenue for an enterprise.
Google and other major search engines construct algorithms to recognize sites infected with malware automatically. While this proactive approach to identifying viral websites is great for the search engine user, the result for an unwitting entity whose site has been hacked is that the search engine will quarantine a website that the algorithm deems as compromised. Quarantined websites come with a warning to search engine users to avoid clicking-through to the blacklisted site, as it contains content from a known malware distributor. As a result of the malware infection warnings, blacklisted websites are estimated to see a drop in traffic on the order of 95%.
Malware infections can not only be time-consuming to repair but can also prove very costly to an enterprise, in ways both tangible and intangible. Each day that a website is quarantined or offline in order to trace and remove malware translates to another day of losses for the enterprise with respect to customers, revenue, and the public’s trust. Further delays can occur after malware, and spammy links have been cleaned from a site. Search engines must verify that a website is no longer compromised before rescinding its quarantine status, a process which can take up to a couple of weeks depending on the size and complexity of the website in question.
I sent Aaron to Zito a message through ebay telling them that their website has been flagged as having been hacked. I don't know any other way to contact them. I asked them if they could pull the card from their website and list it on ebay. We'll see what they say, this should be very interesting.
They might have ways to contact them on their website, but quite frankly, I don't want to click on their website because there's no telling what might happen. I don't want a virus infecting my phone or something.
UPDATE: I have received a message back from the seller and he says that they have caught 1 hacker and that the website is updated and secure. The thing is, the "this site may be hacked" message still is still there, Google has not removed it. I still don't trust it. I'm not entering my credit card information into that website. There could be prying eyes watching. Yes, hackers have peepers that they use to watch with, and I don't trust it. We'll see if the message gets removed, but right now, I'm not going to do it. Like I said, hackers have peepers, and they use them to watch with!
4:38 p.m. "This site may be hacked ".
5:25 p.m. "This site may be hacked".
6:43 p.m. "This site may be hacked".
I did look at their website a few hours ago. Figured i'd try to find the phone number for you in case you may have missed it, and i wasn't getting any scam message such as that. It loaded and presented just like a normal website.
BTW, i didn't see any phone number on there.
For some reason, when I type Aaron to Zito in the Google search box and hit enter and it brings up their link, under the link it still says "This site may be hacked". It scares me Steve, that message is scaring me. The guy said the site is secure, but I just don'tlike that message being there. They're watching, I just know it. They're circling around my credit card like vultures around a desert carcass. Double D is laying in the desert, and the vultures want his credit card information!
8:43 p.m. "This site may be hacked".
I logged in today a happy Dragon, I log out a frustrated primate!
https://malwaretips.com/blogs/remove-youve-made-the-5-billionth-search/
Read the above and see if it helps.
Also Google "youve-made-the-5-billionth-search" and you'll see some info on this. You're not alone.
In my opinion, the scam message may be planted on your computer.
Not sure if your computer is capable of doing a "system restore" but that may remove this off your computer. It will restore your computer back to a certain date, say two weeks ago. Be careful with the system restore as to not check off restoring your computer to its original condition, or basically everything gets removed. It's like you just bought the computer brand new.
Remember the old adage, never click anything on a computer unless you're 100% sure what will happen. So read very carefully about using the system restore before proceeding.
Also that Malwarebytes is pretty good. Just use the free version. I don't have it on my new computer for various reasons, but i had it on several of my older computers. What is does it doesn't technically remove the malware, but it freezes it so to speak to render it benign. I'm not 100% sure if Malwarebytes will work with this particular malware, but it won't hurt your computer at all. It could slow your computer a little bit - if it does and you don't like it just uninstall it. Also, you may get a small popup when you turn the computer on because of course they want you to buy the pay version, but that was never a big deal to me. That popup one time when turning on your computer is infinitely better than malware popups.
Really hate to tell you this, but websites offering meme's, emoji's, gifs, etc and fun things such as that are notorious for adware and malware. Stick with only the top websites offering these things for download - they are clean. Lesser known websites, well you may download something else along with what is wanted. That is what may have happened here.
.
@stevek Thank you for bringing this to @doubledragon 's attention. Just the other day, I had to remind him to stay on top of breaking sports news. I hope he understands that , we are not micromanaging him, but only giving him some tough love. 💪❤️💪❤️
UPDATE: 5:11 a.m. The "This site may be hacked" message has been removed! It looks like Google finally removed the message last night. Thank you @stevek for the assistance and help you provided in this matter, I do appreciate it, and I will be looking into the Malwarebytes because a lot of these websites are potentially harmful. Also thank you @perkdog for your assistance. I must admit though, I'm still hesitant to buy anything from a website that was just hacked, because it worries me that someone could still be watching. Once you enter your credit card number into a website, it's too late to turn back. I will be thinking about this before making a decision.
Double D, if he takes PayPal I would try that, what’s even better is PayPal credit option. I buy a lot of stuff from gun manufacturers, not so much firearms but parts and other gear and with Covid a lot of these companies literally have shut their phones off and only communicate via email and are very slow to ship and communicate so everything I buy is done through PayPal credit, I believe it’s the most hassle free way of filing a claim without tying up your money. I get 6 months interest free on purchases as long as I pay the balance off within 6 months, I bought a few items $600+ from a company and they refused to communicate and wouldn’t allow me to cancel a transaction after a month of waiting without any communication, I filed a claim through PayPal and got my money back hassle free, and it was just credit so it didn’t interrupt my finances whatsoever. Just throwing that option out there
I noticed on his website, he doesn't have PayPal, the only way to pay is by entering your credit card number. I would feel a lot safer if he had PayPal on his website, I use PayPall all the time. I'm probably going to contact him and see if he has a personal PayPal account and try to get it done that way. I don't want anything to do with that website after being hacked like that.
Strange that the guy wouldn't offer PayPal in this day and age, but i guess he has his reasons.
Especially selling cards in which of course Ebay/Paypal was there for many years and so many card collectors who bought from Ebay have a PayPal account.
Yes, it is very strange. When I buy cards outside of ebay, I always use Paypal. When I noticed there was no Paypal on the website, I didn't like it. I mean, like you said, he probably has his reasons, but I still feel more protected using Paypal.
UPDATE: I went ahead and ordered the card from his website and everything is ok. His website is secure and sometimes you have to have faith and trust in people, and I know this man and his family to be honest people and I trust him when he says things are ok. My rare Larry Holmes card is on the way as we speak. As for the scum that hacked his website, I only have one thing to say about that.