O/T TROJAN HORSE VIRUS from Sports Illustrated website
blue227
Posts: 185 ✭✭
My PC was recently hacked by someone who was able to activate a trojan horse virus that i downloaded by accident from the SI website. The Sports Illustrated website has (had?) a feature in which you can download a revolving wallpaper program in which your PC's wallpaper changes every few seconds with a different sports image. After installing the revolving wallpaper feature, I decided I didn't like it and uninstalled the program. However, using a trojan horse detection program i learned that the DL brought with it a virus that allowed someone to remotely access my PC and steal a lot of personal info. The hacker then signed up for a PayPal credit card, linked it to my PP account, and made a charge for just under $1,000.
I wasn't aware that the credit card acct was opened or that it was being used since the hacker went into my email settings and blocked all incoming emails from PayPal and GE Credit (the company that issued the PP credit card). I only found out what happened when i got a message from a credit monitoring service that i subscribe to tellling me that a change had been made to my credit history.
I had written an earlier post on this BBS asking if anyone knew if PP had any system problems that might explain why i wasn't receiving any confirmation emails for sending or receiving funds. I called PP and they confirmed have been no prolonged system problems that would explain why i wasn't receiving them. If you're not receiving emails from PP, it might be for the same reason that i experienced so check your email settings to make sure that nothing is being blocked without your knowledge.
PayPal has already gotten back to me and refused the cancel the bogus charge since, in their investigation, they came to the conclusion that it wasn't an unauthorized charge since it looks like Ii signed up for the PP credit card and used it to buy something ( not an immaterial amount ---- just under $1,000). I think the reason why they thought this is that the hacker used the PP mailing option to make it look like they have already sent me the item via parcel post and signature confirmation. I can go to the USPS website and see that the postal service is claiming that they received something for delivery on the day after the bogus charge was made. I've heard how PP won't want to issue a refund if there is proof that a person receives an item from a seller so I won't sign for it so that there is no proof of receipt on my end.
PP has told me that i need to resolve the situation with the hacker by trying to negotiate with the hacker as if it was an eBay transaction gone bad. I can't do this as a non-delivery of goods since the hacker made it look like they sent me something. The only other option i have is to file as "item not as described" which then makes it look like i actually purchased something and wasn't happy with it after it arrived. I basically don't have a good option here.
I can't remove the bogus PP credit card from my PP acct since I don't have the card's ID and password so it is still sitting there as a payment option. I also don't know which security questions were used so it's not as though i can call up GE Credit and ask to make changes to the account.
In the worst case, i could end up going into default on this credit card since i won't be receiving any statements or bills for it in the mail. My credit history might take a hit so i am trying to figure out how to protect this from ruining my credit ranking.
FOR FIREFOX USERS: I found out that the hacker changed my Firefox settings by going to the Security tab and checked a box so that Firefox maintains a list of ALL my passwords (even the ones that are obscured with black circles when you type them in or when you select "No" when a pop up window asks if your password to be saved (so that you won't have to retype it in the future). Basically, assuming the hacker went back into my PC to check this list, the person probably has ALL my website passwords. Check you security settings to make sure that this box is not checked.
I also made the mistake of using the same password for several different websites. A bad choice on my part since i could end up getting hosed from several different companies.
Beware of what you download from the internet even if you think you're dealing with what you'd expect to be a reputable website (Sports Illustrated). I thought such a major site would be safe but apparently was very wrong.
I wasn't aware that the credit card acct was opened or that it was being used since the hacker went into my email settings and blocked all incoming emails from PayPal and GE Credit (the company that issued the PP credit card). I only found out what happened when i got a message from a credit monitoring service that i subscribe to tellling me that a change had been made to my credit history.
I had written an earlier post on this BBS asking if anyone knew if PP had any system problems that might explain why i wasn't receiving any confirmation emails for sending or receiving funds. I called PP and they confirmed have been no prolonged system problems that would explain why i wasn't receiving them. If you're not receiving emails from PP, it might be for the same reason that i experienced so check your email settings to make sure that nothing is being blocked without your knowledge.
PayPal has already gotten back to me and refused the cancel the bogus charge since, in their investigation, they came to the conclusion that it wasn't an unauthorized charge since it looks like Ii signed up for the PP credit card and used it to buy something ( not an immaterial amount ---- just under $1,000). I think the reason why they thought this is that the hacker used the PP mailing option to make it look like they have already sent me the item via parcel post and signature confirmation. I can go to the USPS website and see that the postal service is claiming that they received something for delivery on the day after the bogus charge was made. I've heard how PP won't want to issue a refund if there is proof that a person receives an item from a seller so I won't sign for it so that there is no proof of receipt on my end.
PP has told me that i need to resolve the situation with the hacker by trying to negotiate with the hacker as if it was an eBay transaction gone bad. I can't do this as a non-delivery of goods since the hacker made it look like they sent me something. The only other option i have is to file as "item not as described" which then makes it look like i actually purchased something and wasn't happy with it after it arrived. I basically don't have a good option here.
I can't remove the bogus PP credit card from my PP acct since I don't have the card's ID and password so it is still sitting there as a payment option. I also don't know which security questions were used so it's not as though i can call up GE Credit and ask to make changes to the account.
In the worst case, i could end up going into default on this credit card since i won't be receiving any statements or bills for it in the mail. My credit history might take a hit so i am trying to figure out how to protect this from ruining my credit ranking.
FOR FIREFOX USERS: I found out that the hacker changed my Firefox settings by going to the Security tab and checked a box so that Firefox maintains a list of ALL my passwords (even the ones that are obscured with black circles when you type them in or when you select "No" when a pop up window asks if your password to be saved (so that you won't have to retype it in the future). Basically, assuming the hacker went back into my PC to check this list, the person probably has ALL my website passwords. Check you security settings to make sure that this box is not checked.
I also made the mistake of using the same password for several different websites. A bad choice on my part since i could end up getting hosed from several different companies.
Beware of what you download from the internet even if you think you're dealing with what you'd expect to be a reputable website (Sports Illustrated). I thought such a major site would be safe but apparently was very wrong.
0
Comments
up the chain, until you get to the right person.
Do NOT try to communciate with the "hacker."
Do NOT take any action that could be construed as participation
in the order/receipt of any merch.
Get is resolved ASAP.
Write a 100-word statement and have it ready to send to the
three credit bureaus.
If PP gives you any carp, have your lawyer write them a letter
explaining the consequences of their negligence. I have litigated
claims against GE-Credit; they fold easy.
DON'T download stuff that has not been run through your best
checkware.