Microsoft security problem
Just reading in the news about the internet explorer alert where hackers can steal your passwords without your knowledge - is this a real danger to us? I'm just thinking I have a lot of money tied up at certain bookies and I'm a bit worried about logging in and someone nicking my password and withdrawing all my money!!
Is this a real danger or am I just worrying over nothing?
I think its not worth worrying about. Even if someone did get your details what are they going to do? Deposit into your account? And then withdraw from your account? How is that going to benefit them? It is virtually impossible to get some sites to pay back to a different card/method than how you deposited try getting one to repay to someone elses card/account!
So I dont think any hacker would waste their time. They would go for buying things they can physically get hold of, or internet banking where they can make £ transfers, etc etc. If i had all passwords for someone, i dont think i would be able to make any money from using a gambling account they own. It may be a malicious attack if they dont like you, but they can not really personally profit so why bother.
Have a plan and stick to it
I've only just tried to find out more about this. I did hear about it on News 24 earlier in the day but wasn't too bothered personally because I use Firefox (which also has security issues all the time, I'm not saying it's any safer!).
Originally Posted by shezbabe35
The problem is apparently to do with a zero day vulnerability (ie a vulnerability that was only discovered by the vendor (microsoft) after having been known to be exploited already 'in the wild'). To be exploited you have to be using IE to browse a website that executes malicious code in such a way that it crashes IE and executes dodgy code. In turn that dodgy code then presumably makes your PC join a 'bot network' so your PC can be used to send spam, attack targetted hosts (ddos attacks), spam our forum (we get a lot of spam bots creating fake users so they can post spam links on the forum) and generally do no good.
There is a list of workarounds to mitigate the problem here:
Microsoft Security Advisory (961051): Vulnerability in Internet Explorer Could Allow Remote Code Execution
But I would just advise you don't use IE at all until there's a fix for it - ie make sure you have automatic updates enabled and your machine is regularly patched.
Generally just make sure your machine is up to date with the latest security updates for any software that you run - OS and web browsers etc alike. Make sure you have a good firewall (Comodo is good) and above all don't click on any link that you get sent in an email from someone you don't know.
Can't emphasize the automatic updates thing though, is most important above all.
Think its time to get worried about this.
I have funds missing from one bookie which I'm fighting to get back, and yes, they registered a card, placed a bet, then withdrew all the funds back to their card.
And yesterday, whilst at work, checked my home emails to find that another bookie had sent me an email thanking me for registering a new debit card with them - i called them urgently and requested them to suspend that account. I've always used IE, run anti-virus, spyware etc, but these w*ankers have got me.
Which bookie has the money "gone missing" from? Im not sure what to say about that, maybe they have then. It could be co-incidence though. Still, i hope you get it sorted out OK, have you cancelled the card at the bank to stop the funds leaving the source?
Have a plan and stick to it
Doesn't that break money laundering laws withdrawing to a different card? Suppose if it's a small offshore book then it's law unto themselves perhaps.
Originally Posted by Gasboy
Also when you say they thanked you for registering a new debit card, presumably that's a card that you used online already right?
First thing I'd do is cancel the effected cards and check any other payment methods to make sure no other money is going missing, maybe even get them to suspend those pay methods anyway til it's clearer what's happened (ie moneybookers I'm thinking of).
Then unplug your PC from the internet until you know for sure you're clean (grab the latest spyware/virus updates etc etc first!)... is there any chance it's someone you know who's got hold of your card(s) and is going off on a spending spree?
If you can't find any trace of virus/malware on your box then it's probably someone you know or someone who's made off with your details at an online site.
I had it with play.com a while back one lot of fraud, managed to nip it in bud pretty sharpish though thankfully and got a full refund.
Would imagine you'd have some recourse if you made the payments using visa debit / credit card... shoudl be able to get a fraudulent payment chargeback with luck (unless they don't cover gambling related payments, thankfully not had to deal with it yet).
The first one is a UK bookie. Somebody placed another debit card onto my account then deposited funds - almost four grand. They tried to bet all plus my funds on a minor footie match. When the bookie refused the bet, they then withdrew all the funds in the account back to this new card. So I have a major dispute with the bookie in question as to how this can happen. They say they are sorting it, but unless they do soon then I will be taking action against them.
To be honest, the second one was Betfair. Again somebody placed their own card onto my account. Perhaps this time I should have waited until they deposited funds before freezing the account!!!! At least Betfair sent me the email thanking me for it, thats how I picked it up
On the first one which was the bookie? You will definitely get that back its just theft. I understand if you dont want to say now but definitely once its settled let us know who it was and how they handled it please.
On the betfair one, better safe than sorry i guess!
Have a plan and stick to it
Its not much money - I will get it back - had to laugh with the cs guy. Asked him if I would be able to bet 4K with them in the future, and he said that my account had been marked out, and I'd been restricted to small certain bets!!!
Practically all of my money is online in poker sites etc. Have you ever heard of "Keepass"? Its like a database for all of your passwords, which itself is passworded. It generates ridiculously long and impossible to guess passwords that arent on hackers' lists. It's just awesome. It also helps on public computers too so you can copy and paste your passwords accross without actually typing anything into the keyboard.
Just a random suggestion...