Internet hacking is rampant this days within our community!!!

I believe there is a very serious problem going on with people breaking into email accounts via PayPal, eBay and personal bank info (everything!)… I’m not sure how it’s done, but I do know once a hacker has your ip address you’re completely open to key-loggers (they have your passwords), monitoring (watch everything you do with out your knowledge) and a bunch of other unknown programs…


How do other collectors combat this very serious problem…

How computer savvy are you??

Most of the time these guys are getting your information because you are using a unsecure wireless connection in your home. They are picking off your info through your WIFI. Make sure this is secure and encrypted. They drive around areas with a laptop looking for good signals that are not password protected. As well never do anything in those free wireless coffee shops.

That's a good point, in the apartment complex I'm in I think I have the only encrypted wifi signal. It's just too easy for these guys.

No, I’m not talking about WIFI but that’s something to look into.


I think hackers get into other collectors computers to gain an advantage over the competition. Not only are they reading your personal emails but have access to all your families personal info (everything).

Here’s an example on how hackers can gain access to a non savvy collector who may not be aware of this behavior. I’ve been battling this sh@t for sometime now trying to figure out how they are gaining access to all of my families personal info.

Email: make sure your passwords are very strong; hacking programs can easily recover your passwords which are downloaded onto your computer. How? By opening attached files from your email account (photos’, etc…). So you think you’re safe because you got spyware, think again most spyware can be penetrated by up to date hacking programs…

Ip Address: Not sure how this is done but I think when sending emails to others there is a way to view the senders Ip address, probably by using some type of hacking program… So the hacker has your Ip address and is able to gain access to all of your private information (passwords, everything).

Monitoring programs: This program is downloaded most likely from your email when opening attached files onto your computer. This program uses your Ip address to gain a visual for the hacker (your browser when surfing, everything).

Key-logger: This program is downloaded most likely from your email when opening attached files onto your computer. So you think you are safe because you got a good anti-keylogger, think again most anti-keyloggers can be penetrated by up to date hacking programs (No key-scrambler doesn’t work)… Everything you type is being recorded (passwords, credit card info, everything).


So this might be a shock to some collectors and it should be!!! But what’s more shocking is NO ONE TALKING ABOUT THIS SERIOUS PROBLEM!!!

Having at least two anti-virus/anti-spyware programs is good. One catches what the other may miss. Luckily, there are decent free anti-spyware programs to use as the backup to the main program you pay for. Lavasoft Ad-Aware (spyware) and AVG Anti-Virus (spyware and virus) have good free versions that you can download.

I am sooooooo glad I have a Mac it gives me peace of mind.

Good points brad.. I thought of most of those types of attacks.. very common.. I have had my email and eBay accounts hacked before. I have had my debit card info snagged online and my wife had her debit card info snagged somehow. I don't think hers was snagged online, I think hers got got snagged via a retailer.. but were not sure.

How secure is Mac Bobby? My wife has been bugging me for a MAC but it seems those buggers (laptops) are twice the cost of the PCs.. ? :(

I have a Mac and have challenged a few computer savvy friends to try crack it through my wireless connection and they have been unsuccessful. I do take some security measures, my favorite is copying and pasting my passwords into the appropriate places rather than typing them in to foil keystroke programs if one should manage to slip by.

Rawn

1- I don't think Macs are hack-proof. I think that most hackers focus on and develop an expertise in hacking regular PCs because there are more of them out there. Kinda like more folks here know more about T206s than they know which of the T222 Fatimas are in the higher number and scarcer series. As a kid I spent some time in an automotive garage, and to keep me occupied one of the mechanics taught me a bit about lockpicking. We started with Yale locks, because they were more common. He started with easy ones so that I'd have a sense of accomplishment. He progressed to some difficult ones (normally I'd start with the back tumbler and work my way out, but he then offered a lock that I could not open at first, it had a spring loaded ball bearing that would follow the pick out, resetting the tumblers I'd set, this lock had to be picked from the outside in, necessitating care when weilding the pick). My point, you work the easy, familiar ones, the IBM based PCs... but you're fooling yourself if you think Macs can't be picked. Some guys out there focus on Macs, the other machines are too easy...

2- copying and pasting passwords does foil keystroke tracking software. But a hacker who gets into your PC, even a Mac, could roam around and find the file where you have your passwords from which you copy and paste, then they can do the same.

My passwords are not kept in a folder labeled "passwords". They are different sets of random letters and numbers/symbols located in documents. I don't feel that any brand of computers are without their faults.

Rawn

I live in a 3000 units co-op development in New York and there are about 300
unsecured wi-fi routers/network unsecured in my community, pretty scary. I don't have a wire-less rounter/network and my paypal account was still hacked.

1. Use a security software that has wireless network monitoring. I use Trend Micro and it is set up to notify if there is someone else not trusted on the wireless network.

2. Use alpha/numeric/symbols for all passwords, at least 8 - 12 characters in length.

3. Never, ever have your browser save passwords.

4. In your browser, enable deleting of files upon closing & do not save encrypted files to disk.

5. I never check "remember me" or "keep my logged in"

6. If you are hacked, get a new modem as information is stored there.

7. Use proxy browsing

8. Run CCleaner on start up

9. Occasionally run SIW for Windows

10. Run Trend Housecall once a month

11. Use Ad-aware & Malwarebytes once or twice a month

12. If you have been hacked, thought you cleaned the system and got hacked again, time to wipe the hard drive. And not just a reformat, completely shred the drive.

13. Use multiple email addresses. One for regular activities, one for public forums like these, one for banking, etc.

Concerning hackers breaking into a computer to read what another collector might be buying.....
I would have to see this to believe it. While the collectible market (all collectibles, antiques, stamps, etc) has high-end material and can get competitive, I do not see this, for lack of a better term, "crime wave."

I would be more concerned about PayPal, Ebay, bank cards and other items than someone wanting to acquire a Ty Cobb card.

You state..."I’ve been battling this sh@t for sometime now trying to figure out how they are gaining access to all of my families personal info."
If this true and your family's personal (banking, etc) info is out there, you need a new computer, modem, everything and start from scratch.

You can certainly do things to make it harder for those who wish to commit such crimes. However, in the world we live and all the information that is out there the bottom line is this: If they want it bad enough they will find a way to hack your system period! Just do not let them walk-in with the front door wide open. Good luck and be safe.

Honestly if someone has your ip address it isn't too big of a deal... you can also change your ip address with relative ease. They can be hidden via proxies. Also, use a firewall.

Additionally, copy and pasting a password into a password field actually may be less secure. Doing so would mean the password is in your clipboard and unless you clear that out after every instance, it would probably be more obvious. Keyloggers aren't incredibly common means of password-stealing anyway, I don't think. Generally it's more brute force I believe.

If you get an email from eBay/PayPal/your bank, PAY ATTENTION. Do not click through links in the email and enter your username and password. It is much more likely that a "hacker" is going to get your password through a phishing email than by someone breaking into your system, placing a keylogger, and monitoring it. If you are unsure if an email is legitimate or not, go to the institution's website an log in through that. If there is really a problem with your account, it will probably tell you there. Alternatively, call the bank/whoever and ask if it is real.

Spybot Search and Destroy and CCleaner are great programs. Firefox is a more secure browser than internet explorer. You can also add extensions to it to block potentially malicious things embedded in websites. Finally, just because you are using a Mac don't be stupid (this is coming from a Mac user). Any computer can be hacked, and you should always be careful. Just because you're driving a car with a five-star crash test rating doesn't mean that you should drive more recklessly or that you won't get killed in a car accident, despite whatever precautions you may take.

At home, I have dial up. Many laugh when finding this out, but there are safety advantages. My abacus doesn't get any spware and works in the rain.

One of my favorite 'old school' calculating systems is the ancient Chinese rod system. The system used several identical length rods, and the mathematician formed the rods in different formations on the ground to depict the numbers and make calculations. Black rods were used for positive numbers and red rods for negative numbers. When done, the mathematician simply dusted off the rods and put them back in the bag. Someone today can fashion their own black and red rods and learned the system.

Dialup doesn't buy you too much safety. I've been doing IT for 25 years and have rebuilt many a PC which got infected or other wise compromised through dialup.

BobbyV...you nailed it!!! Use a Mac or Linux and you'll never have these issues. If you use Windows, your best bet is to clean your pc about every 6 months. I mean backup your info and wipe out your HDD and reload Windows. This also gets rid of files and other stuff that slow your pc down. I feel there's not really a good defense for Windows. A good virus scan is not 100%. I think a lot of problems come from other people you know, such as getting an email from a friend with an attachment that is a virus and they don't know it is infected.

BobbyV...you nailed it!!! Use a Mac or Linux and you'll never have these issues. If you use Windows, your best bet is to clean your pc about every 6 months. I mean backup your info and wipe out your HDD and reload Windows. This also gets rid of files and other stuff that slow your pc down. I feel there's not really a good defense for Windows. A good virus scan is not 100%. I think a lot of problems come from other people you know, such as getting an email from a friend with an attachment that is a virus and they don't know it is infected.

Please don't spread misinformation about internet security. Systems running OSX or Linux may be less vulnerable but that doesn't by any stretch of the imagination mean that you "will never have these issues." Anything that you connect to the internet is susceptible. I think there have been enough explanations in this thread but if you don't understand something and want further explanation or additional examples/proof, please feel free to ask. I just don't want anyone to get in trouble because they had a false sense of security (better safe than sorry).

Disclaimer: I am not an internet security expert.

I have been on the internet since the very beginning back when Al invented it :D and always used a MAC and still to this day have never once had a problem.

I have been on the internet since the very beginning back when Al invented it :D and always used a MAC and still to this day have never once had a problem.

I too have been on the internet for quite some time (since somewhere between 1996 and 98?) and always had a fine time on a PC. I've had a Mac for a year now (which has both OSX and XP installed on it). My parents still use Windows systems. No one has ever had a problem. Based on that evidence, I suppose I could go around saying you will never have a problem, but that sample is far too small to be able to draw any conclusions from and it would be irresponsible do so. There are a million analogies one can make -- people die in car accidents while wearing seatbelts and others live while not wearing a seatbelt. In general, wearing a seatbelt is a good thing to do; it's certainly much safer. You can still get killed while doing it, though.

Mac OSX is less vulnerable to spyware and viruses and such because most of those are designed to install themselves and attack Windows. Why? A much larger percentage of people use Windows. Macs are immune to those malicious programs. That doesn't mean that a malicious program can't be designed to do the same on a Mac. It is harder and would effect fewer machines, which is why you don't see it happening.

Most importantly, a Mac is not going to protect you from your own stupidity (http://en.wikipedia.org/wiki/Phishing). If you get an email that says it's from your bank, you click the link because "if you don't update/validate your information, your account will be closed," and you enter your information, guess what -- you've just emptied out that checking account to somewhere in the Caribbean. Say goodbye to the PSA 6 Green Cobb you were planning on picking up in the next REA auction. That's not to say that all bank emails are fake -- many are real. But, it is incredibly easy to send out an email that mimics the exact look and vocabulary of a typical email from your bank, and equally as easy to create a website that mirrors the look and feel of your bank's site. Accidentally surrendering your information is an easy and honest mistake to make, but easily avoided. Rather than accessing your account through a link in an email, go directly to the bank's website and log in there. Also, look for sites that should be secure to have https:// at the beginning of the URL rather than the normal http://

I hope I'm not coming across as too harsh, but my final exams just finished up yesterday and thus I am operating on ~7 hours of sleep in the past two and a half days, so I might be entirely incoherent. I just don't think it's a good idea to say "oh yeah just get a Mac and it'll be no problem," without any sort of further education when people's entire financial lives are at stake. Identity theft is serious business (in multiple senses), and people can be absolutely ruined by it and have to work for years to get everything sorted out. Additionally, after seeing some reactions to the implementation of the new message board, I don't want someone unsure about technology going out and dropping $2k on a new iMac thinking that they will be all set, safe and sound, only for them to be tricked into giving up their information anyway. I hope that's not demeaning to anyone here but after working at RadioShack through high school and having conversations such as these, I've begun to find that even extremely obvious things often need to be emphasized:
1) "Will this charge my phone?" "No, that headphone extension cable won't charge your phone, and, no, neither will the cable coupler. And that thing's for radar detectors and more expensive than the correct charger that you're refusing to buy anyway."
2) "I need a USB cable to hook up my DVD player to my TV" "Do you mean RCA?" "Nope, I need a USB." "That's not generally what USB cables are used for... but do you want the one with the three red white and yellow thingies?" "Yeah. A USB."
3) "Hi, I bought this cell phone here last month and need to return it. It's broken." "You need to press and hold the button that says POWER to turn it on." "Oh, great! You're wicked smart!"

In closing, if anyone ever has any questions or concerns regarding this type of security stuff or computers in general, please feel free to email or PM me. I've gotten some nasty viruses off of a friend's computer (the kind that that render a machine essentially useless, but aren't targeting personal information) that Norton was detecting but wasn't adequately quarantining. I'm no computer guru, but I've got a lot of free time. Whatever you do, don't bring your computer to the thieving Best Buy Geek Squad!


If anybody's up for some reading:

Anything can be broken into (notice the dates on these articles -- they do not refer to a single event):
MacBook/Safari Hacked in 10 Seconds (http://www.tomshardware.com/news/Pwn2Own-CanSecWest-2009,7322.html#comments)
Hacker breaks into Mac at security conference (http://www.networkworld.com/news/2007/042007-hacker-breaks-into-mac-at.html)
Mac OS X hacked under 30 minutes (http://www.zdnet.com.au/news/security/soa/Mac-OS-X-hacked-under-30-minutes/0,130061744,139241748,00.htm)
Another Mac Virus Alert. Real This Time? (http://www.wired.com/gadgetlab/2009/01/another-mac-vir/)
New MacOS X trojan/virus alert, mostly a non-event (http://www.ambrosiasw.com/forums/index.php?showtopic=102379)
Hijacking a Macbook in 60 Seconds or Less (http://voices.washingtonpost.com/securityfix/2006/08/hijacking_a_macbook_in_60_seco.html)


Really, anything:
Investigators: Homeland Security computers hacked (http://www.cnn.com/2007/US/09/24/homelandsecurity.computers/index.html)
More congressional computers hacked from China (http://thehill.com/leading-the-news/more-congressional-computers-hacked-from-china-2008-06-21.html)
Computer Spies Breach Fighter-Jet Project (http://online.wsj.com/article/SB124027491029837401.html#mg%3Dcom-wsj%26articleTabs%3Darticle)
Sarah Palin's E-Mail Hacked (http://www.time.com/time/politics/article/0,8599,1842097,00.html)
Teen Pleads Guilty to Hacking Paris Hilton's Phone (http://www.washingtonpost.com/wp-dyn/content/article/2005/09/13/AR2005091301423.html)

1. Use a security software that has wireless network monitoring. I use Trend Micro and it is set up to notify if there is someone else not trusted on the wireless network.

2. Use alpha/numeric/symbols for all passwords, at least 8 - 12 characters in length.

3. Never, ever have your browser save passwords.

4. In your browser, enable deleting of files upon closing & do not save encrypted files to disk.

5. I never check "remember me" or "keep my logged in"

6. If you are hacked, get a new modem as information is stored there.

7. Use proxy browsing

8. Run CCleaner on start up

9. Occasionally run SIW for Windows

10. Run Trend Housecall once a month

11. Use Ad-aware & Malwarebytes once or twice a month

12. If you have been hacked, thought you cleaned the system and got hacked again, time to wipe the hard drive. And not just a reformat, completely shred the drive.

13. Use multiple email addresses. One for regular activities, one for public forums like these, one for banking, etc.

Concerning hackers breaking into a computer to read what another collector might be buying.....
I would have to see this to believe it. While the collectible market (all collectibles, antiques, stamps, etc) has high-end material and can get competitive, I do not see this, for lack of a better term, "crime wave."

I would be more concerned about PayPal, Ebay, bank cards and other items than someone wanting to acquire a Ty Cobb card.

You state..."I’ve been battling this sh@t for sometime now trying to figure out how they are gaining access to all of my families personal info."
If this true and your family's personal (banking, etc) info is out there, you need a new computer, modem, everything and start from scratch.

I'd like to thank you and others for your posts, very informative!

Please beware this hacking problem is getting out of hand! All systems should be checked and rechecked for this so called curious on lookers.

My Email has just been hacked...and who knows what else?

Might not work for everyone but my parents came from the Ukraine & I'm fluent in both Russian & Ukrainian.

My most frequent response to hacking attempts on my encrypted Cyrillic alphabet accounts is: "YOB TEBE" (Anglisized from the Cyrillic)

If no can supply a translation, I'll do it in a day or two.

http://www.insultmonger.com/swearing/russian.htm
:eek::eek::eek::eek::eek::eek:

Still being hacked into EBay and Email... No wonder we're slowing losing are rights!

Interesting article:
http://www.infowars.com/us-cybersecurity-plan-poses-new-war-threats-attacks-on-democratic-rights/

Regarding PayPal, I opened a separate account for PayPal transactions only with NO overdraft protection. I transfer money to the account when I need to make payments only.