Full Version: e-gold hackers
Everyday someone has been trying to access my e-gold account for about 4 days now. Of course they won't be able to get in since the password is not saved anywhere and is not the same as any other program I am signed up to. However it annoys me that someone keeps trying to get into it. It could be someone from the e-gold forum since I am signed up there but I don't want to blindly point fingers.
QUOTE (Mugzzzy @ Apr 14 2003, 12:36 PM)
Everyday someone has been trying to access my e-gold account for about 4 days now. Of course they won't be able to get in since the password is not saved anywhere and is not the same as any other program I am signed up to. However it annoys me that someone keeps trying to get into it. It could be someone from the e-gold forum since I am signed up there but I don't want to blindly point fingers.
Get hold of egold and ask them for a list of IP's that have tried to access your account. You should be able to get a list from them in reguards to this.
OK, dumb question....
How do you know someone has tried to access?
How do you know someone has tried to access?
When you log in, it tells you the date of the last invalid login.
QUOTE (bomberman @ Apr 14 2003, 12:38 AM)
When you log in, it tells you the date of the last invalid login.
Thanks!
I never noticed that before but I will now!
QUOTE (akhurley @ Apr 14 2003, 05:13 PM)
QUOTE (bomberman @ Apr 14 2003, 12:38 AM)
When you log in, it tells you the date of the last invalid login.
Thanks!
I never noticed that before but I will now!
IF you havent noticed it before it means no one has tried.
What you do is now and then accidently try to log in with hte wrong passphrase, it logs and a time stamp appears in GMT. If someone then tries to access, it will change that time, you then know instantly if someone did..
Hmm... My password is different than any others and it isn't saved anywhere, either... but my money's gone now. 
I sent an email, but haven't heard anything from them yet.
Does anyone ever get these things fixed? Or should I just forget about it?
I sent an email, but haven't heard anything from them yet.
Does anyone ever get these things fixed? Or should I just forget about it?
QUOTE (aloralyric @ Apr 14 2003, 06:50 PM)
Hmm... My password is different than any others and it isn't saved anywhere, either... but my money's gone now.
I sent an email, but haven't heard anything from them yet.
Does anyone ever get these things fixed? Or should I just forget about it?
I sent an email, but haven't heard anything from them yet.
Does anyone ever get these things fixed? Or should I just forget about it?
IF you contact them by phone it might be quicker, their number is up on the site in the FAQ section.
I sent e-gold a request for the IP list. Thanks for the idea, Jaikula.
QUOTE (aloralyric @ Apr 14 2003, 04:20 PM)
Hmm... My password is different than any others and it isn't saved anywhere, either... but my money's gone now.
I sent an email, but haven't heard anything from them yet.
Does anyone ever get these things fixed? Or should I just forget about it?
I sent an email, but haven't heard anything from them yet.
Does anyone ever get these things fixed? Or should I just forget about it?
Maybe you got a virus in your PC which enables the hacker to see your password clearly when you login.
Someone tried mine yesterday as well
The last invalid login attempt on this account occurred:
4/13/03 10:13:15 AM GMT
Also a virus email was sent to Amyzoo in my name by way of GTP Boycott forum....I never even go to that forum unless its to follow a link from one of these threads
The last invalid login attempt on this account occurred:
4/13/03 10:13:15 AM GMT
Also a virus email was sent to Amyzoo in my name by way of GTP Boycott forum....I never even go to that forum unless its to follow a link from one of these threads
QUOTE (Shelly @ Apr 14 2003, 11:29 PM)
Someone tried mine yesterday as well
The last invalid login attempt on this account occurred:
4/13/03 10:13:15 AM GMT
Also a virus email was sent to Amyzoo in my name by way of GTP Boycott forum....I never even go to that forum unless its to follow a link from one of these threads
The last invalid login attempt on this account occurred:
4/13/03 10:13:15 AM GMT
Also a virus email was sent to Amyzoo in my name by way of GTP Boycott forum....I never even go to that forum unless its to follow a link from one of these threads
Sent from the forum, or with the forum's email addy.
Reason I ask is that there are a lot of worms out there now like Klez and such that just pick up the email addresses from your system, dump them in the TO: and From: then that's it.
Sometimes though you can find out just who the originator is by checking the Return-Path: in the headers. Sometimes it shows their email address, sometimes it doesnt. But on the off chance that it does you can contact them that way. I managed to get hold of one person who had no idea they had the worm on their system, but were grateful for me contacting them. It was lucky as well since people had complained to their ISP and the ISP was going to pull their plug, they were on cable.
When you log into E-gold you should always use SRK, it prevents keyloggers from getting your password. I always do it even though it does take a little longer. Also, you can use it to catch a scam spend page because the ones on those pages never work.
Man this is awful!! Checking mine now. Maybe if enough people report about it maybe they will look into it.
Julie
Julie
Me too:
The last invalid login attempt on this account occurred:
4/4/03 1:16:14 AM GMT
am using the SRK everytime now.
They wouldn't get much if they did get in - but that stuff sucks
The last invalid login attempt on this account occurred:
4/4/03 1:16:14 AM GMT
am using the SRK everytime now.
They wouldn't get much if they did get in - but that stuff sucks
Uh, SRK???
Heck, my invalid login attempts are all MINE, lol, I keep forgetting my pw.
Heck, my invalid login attempts are all MINE, lol, I keep forgetting my pw.
i am maybe a little dumb but what is SRK?
HOLY#$@%!! Some a$$ has tried to get into mine also,this the first time since I have had my account. This really pi$$'$ me off to know end!!!
The last invalid login attempt on this account occurred:
4/11/03 12:05:13 AM GMT
i now it can be a pain but i have found that having two e-gold account's is better than one,
i use one to give companys info on were to pay me then when i'm payed i move it to the other account, so i know that number is safe as i've never given it out to anyone.
so far, so good no one has tryed that number.....
i use one to give companys info on were to pay me then when i'm payed i move it to the other account, so i know that number is safe as i've never given it out to anyone.
so far, so good no one has tryed that number.....
To those wondering what the SRK is...no offence, but have you ever read the e-gold login page, or their security screens?
The icon is right next to the passphrase entry box - a blue circle with the letters SRK in it. Click on it, it pops up a sort of "virtual keyboard" that you use your mouse to click on. It means you don't have to type in your password, so any sort of keylogger or trojan on your system can't capture your passphrase from you typing it.
Oh, and temperance's idea is a *very* good one...and as e-gold lets you have multiple accounts, it's probably one of the best security measures you could have.
QUOTE
Use e-gold's SRK click-to-enter window to thwart keystroke loggers and common viruses.
The icon is right next to the passphrase entry box - a blue circle with the letters SRK in it. Click on it, it pops up a sort of "virtual keyboard" that you use your mouse to click on. It means you don't have to type in your password, so any sort of keylogger or trojan on your system can't capture your passphrase from you typing it.
Oh, and temperance's idea is a *very* good one...and as e-gold lets you have multiple accounts, it's probably one of the best security measures you could have.
In reply to my request for a list of invalid login IP's, I got this:
QUOTE
An invalid login attempt is really nothing to be concerned with as it was
just that, invalid. This is usually due to another account holder simply
mistyping their own account number.
e-gold Service
just that, invalid. This is usually due to another account holder simply
mistyping their own account number.
e-gold Service
QUOTE
An invalid login attempt is really nothing to be concerned with as it was
just that, invalid. This is usually due to another account holder simply
mistyping their own account number.
e-gold Service
just that, invalid. This is usually due to another account holder simply
mistyping their own account number.
e-gold Service
Yeah don't worry--worry when they DO access your acct!
No, it is better to start worrying before it is too late.
QUOTE (karlata @ Apr 15 2003, 05:06 PM)
To those wondering what the SRK is...no offence, but have you ever read the e-gold login page, or their security screens?
The icon is right next to the passphrase entry box - a blue circle with the letters SRK in it. Click on it, it pops up a sort of "virtual keyboard" that you use your mouse to click on. It means you don't have to type in your password, so any sort of keylogger or trojan on your system can't capture your passphrase from you typing it.
Oh, and temperance's idea is a *very* good one...and as e-gold lets you have multiple accounts, it's probably one of the best security measures you could have.
QUOTE
Use e-gold's SRK click-to-enter window to thwart keystroke loggers and common viruses.
The icon is right next to the passphrase entry box - a blue circle with the letters SRK in it. Click on it, it pops up a sort of "virtual keyboard" that you use your mouse to click on. It means you don't have to type in your password, so any sort of keylogger or trojan on your system can't capture your passphrase from you typing it.
Oh, and temperance's idea is a *very* good one...and as e-gold lets you have multiple accounts, it's probably one of the best security measures you could have.
no offence but if you are on dial up it takes forever for the srk to even load so yes it was a looooooooooong time before I saw what everyone was talking about
Am worried. Not that I have a fortune in e-gold, but dont wanna lose my money!
Have never used SRK, but am trying it now... to see how long it takes
I have at times when typing fast mistyped my e-gold number and clicked on login, so someone elses e-gold ac will show an invalid login. Also I have at several times had an error during the login due to typos in passwordsor in turing number. So the last invalid login in myaccount is ususally my own. Do they have a log of all invalid logins?
Have never used SRK, but am trying it now... to see how long it takes
I have at times when typing fast mistyped my e-gold number and clicked on login, so someone elses e-gold ac will show an invalid login. Also I have at several times had an error during the login due to typos in passwordsor in turing number. So the last invalid login in myaccount is ususally my own. Do they have a log of all invalid logins?
I guess they don't have logs of invalid log in attempts. Here is the response I got today.
QUOTE
We cannot provide the information you request. If you feel your account is
at risk perhaps you may want to be sure you are following the proper
security measure to keep a failed login attempt from becoming actual access
to your account.
Below are the only ways an account can be compromised. These can easily be
prevented with proper security precautions.
1) Never give your passphrase to anyone unless you want that individual to
have total control of your account.
2) Your passphrase should never be used as the password for anything else.
3) Please visit http://www.anti-trojan.net to run a scan of your computer to
see if it has a virus. You should also ensure that your anti-virus software
is up to date then run your virus software to see if your computer is
infected. I would also suggest going to www.pspl.com and downloading their
virus software.
If your passphrase is changed using the "SRK" feature and the account is
only accessed using the "SRK" feature, then your passphrase should be
protected even if there is a Trojan virus on your computer. To change your
passphrase using the "SRK" feature.
a. Log into your account using your current passphrase.
b. Click on the button that says, "account info"
c. Scroll down to passphrase box and click in the box.
d. Click on the button that says SRK
e. A small window will pop up on your screen
f. Enter your new passphrase by clicking on the numbers, letters or symbols
in the pop-up window. You will see *** being added to the passphrase box as
you use your mouse to click on the numbers, letters or symbols. *See note
g. When ready to confirm your passphrase click on the arrow on the bottom
right hand corner of the pop-up window.
h. Confirm new passphrase using the same procedure you followed in item #6.
i. Click update passphrase.
*Note: For upper case letter click on the upper case "ABC", for lower case
letters click on the lower case "abc", for numbers click on the "123", for
symbols click on the "sym"
4) Ensure you have all the critical updates to your browser.
To check for critical updates to your Internet Explorer Browser please
follow the below steps:
a. Open your IE browser and click on "Tools".
b. Click on "Windows Update". This will take you to the Microsoft Windows
Update page.
c. Click on "Product Updates" on the left side of the browser window.
d. Your computer will then be scanned to see what updates you need.
e. If there are any critical updates for your computer they will be listed.
f. Follow the procedures on the page to download the critical updates.
5) Please bookmark the correct e-gold site https://www.e-gold.com/ and only
access it via your bookmark or type it into your browser window. Also, never
access your e-gold account via an email message even if the message appears
to come from e-gold.
Regards,
e-gold Service
at risk perhaps you may want to be sure you are following the proper
security measure to keep a failed login attempt from becoming actual access
to your account.
Below are the only ways an account can be compromised. These can easily be
prevented with proper security precautions.
1) Never give your passphrase to anyone unless you want that individual to
have total control of your account.
2) Your passphrase should never be used as the password for anything else.
3) Please visit http://www.anti-trojan.net to run a scan of your computer to
see if it has a virus. You should also ensure that your anti-virus software
is up to date then run your virus software to see if your computer is
infected. I would also suggest going to www.pspl.com and downloading their
virus software.
If your passphrase is changed using the "SRK" feature and the account is
only accessed using the "SRK" feature, then your passphrase should be
protected even if there is a Trojan virus on your computer. To change your
passphrase using the "SRK" feature.
a. Log into your account using your current passphrase.
b. Click on the button that says, "account info"
c. Scroll down to passphrase box and click in the box.
d. Click on the button that says SRK
e. A small window will pop up on your screen
f. Enter your new passphrase by clicking on the numbers, letters or symbols
in the pop-up window. You will see *** being added to the passphrase box as
you use your mouse to click on the numbers, letters or symbols. *See note
g. When ready to confirm your passphrase click on the arrow on the bottom
right hand corner of the pop-up window.
h. Confirm new passphrase using the same procedure you followed in item #6.
i. Click update passphrase.
*Note: For upper case letter click on the upper case "ABC", for lower case
letters click on the lower case "abc", for numbers click on the "123", for
symbols click on the "sym"
4) Ensure you have all the critical updates to your browser.
To check for critical updates to your Internet Explorer Browser please
follow the below steps:
a. Open your IE browser and click on "Tools".
b. Click on "Windows Update". This will take you to the Microsoft Windows
Update page.
c. Click on "Product Updates" on the left side of the browser window.
d. Your computer will then be scanned to see what updates you need.
e. If there are any critical updates for your computer they will be listed.
f. Follow the procedures on the page to download the critical updates.
5) Please bookmark the correct e-gold site https://www.e-gold.com/ and only
access it via your bookmark or type it into your browser window. Also, never
access your e-gold account via an email message even if the message appears
to come from e-gold.
Regards,
e-gold Service
I had my egold hacked last month. Lost $6. Everybody should use this http://www.anti-trojan.net. I found a trojan. traced the crook back to India
edited......
QUOTE (Shelly @ Apr 16 2003, 08:51 PM)
no offence but if you are on dial up it takes forever for the srk to even load so yes it was a looooooooooong time before I saw what everyone was talking about
Fair point.
Isn't it worth the extra time for the extra security, though?
When you get hacked and loose 100's of dollars (just like me), then contact them you get this email:
I found out who it was who hacked my account, I got some of it back($100 of it alteast( there was about $333 stolen)), and that was just this weekend, If the guy is reading this thread, he's best to watch his back, I told some mates about you
I say thank god for friends..
I haven't requested a court order to secure any information, to get my money back, I am going to stu over it for a little longer then what I told him, after thinking about it, If my mates want to play with machines, its there choice(I don't presure them), I still want my money back..
When contacting e-gold all you get is a value limit set on their account, we all know how easy it is to create a second one(I some how doubt the terms worry them,when it comes to not avoiding balance limits)
QUOTE
We have placed a value limit on the account associated with the fraud to
prevent it from receiving additional funds. However, e-gold Ltd. (e-gold)
is contractually prohibited from releasing e-gold account records, freezing
e-gold accounts, or reversing e-gold spends in the absence of a court order
or subpoena.
You might want to consider obtaining some combination of help from a legal
professional or your local law enforcement to obtain court order.
If you obtain a court order, it should request e-gold Ltd. to:
1. Investigate to determine identity of perpetrator that defrauded you. This
should include any information in database regarding the identity of person
or persons controlling the e-gold account numbers listed in your e-mail
below, including but not limited to IP numbers and timestamps used in
accessing this account and/or other accounts found to be controlled by the
same person(s).
2. Stabilize value if possible and report on the disposition of, and the
prospect for recovery of, the fraudulently obtained e-gold.
This court order should be presented by fax (initially) and then with hard
copy to:
e-gold Ltd.
c/o The Office of the Shareholders
Attn: Hil de Frias
Mello, Jones & Martin
Reid House 31 Church Street
Hamilton
Bermuda, HM 12
441 296-4172 FAX
Also, please fax a copy of any subpoena or court order issued to e-gold Ltd
to the e-gold due diligence unit at 321-951-0790.
Below are some ways an account can be compromised. These can easily be
prevented with proper security precautions.
1) Never give your passphrase to anyone unless you want that individual to
have total control of your account.
2) Your passphrase should never be used as the password for anything else.
3) Please visit http://www.anti-trojan.net to run a scan of your computer to
see if it has a virus. You should also ensure that your anti-virus software
is up to date then run your virus software to see if your computer is
infected. I would also suggest going to www.pspl.com and downloading their
virus software.
If your passphrase is changed using the "SRK" feature and the account is
only accessed using the "SRK" feature, then your passphrase should be
protected even if there is a Trojan virus on your computer. To change your
passphrase using the "SRK" feature.
a. Log into your account using your current passphrase.
b. Click on the button that says, "account info"
c. Scroll down to passphrase box and click in the box.
d. Click on the button that says SRK
e. A small window will pop up on your screen
f. Enter your new passphrase by clicking on the numbers, letters or symbols
in the pop-up window. You will see *** being added to the passphrase box as
you use your mouse to click on the numbers, letters or symbols. *See note
g. When ready to confirm your passphrase click on the arrow on the bottom
right hand corner of the pop-up window.
h. Confirm new passphrase using the same procedure you followed in item #6.
i. Click update passphrase.
*Note: For upper case letter click on the upper case "ABC", for lower case
letters click on the lower case "abc", for numbers click on the "123", for
symbols click on the "sym"
4) Ensure you have all the critical updates to your browser.
To check for critical updates to your Internet Explorer Browser please
follow the below steps:
a. Open your IE browser and click on "Tools".
b. Click on "Windows Update". This will take you to the Microsoft Windows
Update page.
c. Click on "Product Updates" on the left side of the browser window.
d. Your computer will then be scanned to see what updates you need.
e. If there are any critical updates for your computer they will be listed.
f. Follow the procedures on the page to download the critical updates.
5) Please bookmark the correct e-gold site https://www.e-gold.com/ and only
access it via your bookmark or type it into your browser window. Also, never
access your e-gold account via an email message even if the message appears
to come from e-gold.
Regards,
e-gold Service
prevent it from receiving additional funds. However, e-gold Ltd. (e-gold)
is contractually prohibited from releasing e-gold account records, freezing
e-gold accounts, or reversing e-gold spends in the absence of a court order
or subpoena.
You might want to consider obtaining some combination of help from a legal
professional or your local law enforcement to obtain court order.
If you obtain a court order, it should request e-gold Ltd. to:
1. Investigate to determine identity of perpetrator that defrauded you. This
should include any information in database regarding the identity of person
or persons controlling the e-gold account numbers listed in your e-mail
below, including but not limited to IP numbers and timestamps used in
accessing this account and/or other accounts found to be controlled by the
same person(s).
2. Stabilize value if possible and report on the disposition of, and the
prospect for recovery of, the fraudulently obtained e-gold.
This court order should be presented by fax (initially) and then with hard
copy to:
e-gold Ltd.
c/o The Office of the Shareholders
Attn: Hil de Frias
Mello, Jones & Martin
Reid House 31 Church Street
Hamilton
Bermuda, HM 12
441 296-4172 FAX
Also, please fax a copy of any subpoena or court order issued to e-gold Ltd
to the e-gold due diligence unit at 321-951-0790.
Below are some ways an account can be compromised. These can easily be
prevented with proper security precautions.
1) Never give your passphrase to anyone unless you want that individual to
have total control of your account.
2) Your passphrase should never be used as the password for anything else.
3) Please visit http://www.anti-trojan.net to run a scan of your computer to
see if it has a virus. You should also ensure that your anti-virus software
is up to date then run your virus software to see if your computer is
infected. I would also suggest going to www.pspl.com and downloading their
virus software.
If your passphrase is changed using the "SRK" feature and the account is
only accessed using the "SRK" feature, then your passphrase should be
protected even if there is a Trojan virus on your computer. To change your
passphrase using the "SRK" feature.
a. Log into your account using your current passphrase.
b. Click on the button that says, "account info"
c. Scroll down to passphrase box and click in the box.
d. Click on the button that says SRK
e. A small window will pop up on your screen
f. Enter your new passphrase by clicking on the numbers, letters or symbols
in the pop-up window. You will see *** being added to the passphrase box as
you use your mouse to click on the numbers, letters or symbols. *See note
g. When ready to confirm your passphrase click on the arrow on the bottom
right hand corner of the pop-up window.
h. Confirm new passphrase using the same procedure you followed in item #6.
i. Click update passphrase.
*Note: For upper case letter click on the upper case "ABC", for lower case
letters click on the lower case "abc", for numbers click on the "123", for
symbols click on the "sym"
4) Ensure you have all the critical updates to your browser.
To check for critical updates to your Internet Explorer Browser please
follow the below steps:
a. Open your IE browser and click on "Tools".
b. Click on "Windows Update". This will take you to the Microsoft Windows
Update page.
c. Click on "Product Updates" on the left side of the browser window.
d. Your computer will then be scanned to see what updates you need.
e. If there are any critical updates for your computer they will be listed.
f. Follow the procedures on the page to download the critical updates.
5) Please bookmark the correct e-gold site https://www.e-gold.com/ and only
access it via your bookmark or type it into your browser window. Also, never
access your e-gold account via an email message even if the message appears
to come from e-gold.
Regards,
e-gold Service
I found out who it was who hacked my account, I got some of it back($100 of it alteast( there was about $333 stolen)), and that was just this weekend, If the guy is reading this thread, he's best to watch his back, I told some mates about you
I say thank god for friends..
I haven't requested a court order to secure any information, to get my money back, I am going to stu over it for a little longer then what I told him, after thinking about it, If my mates want to play with machines, its there choice(I don't presure them), I still want my money back..
When contacting e-gold all you get is a value limit set on their account, we all know how easy it is to create a second one(I some how doubt the terms worry them,when it comes to not avoiding balance limits)
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.