When your ID is stolen... - Page 2 - Orchid Board

Paul Mc · #11 03-26-2011, 01:06 PM

Whoever it was, they live in Pakistan. I don't know how they accessed my checking account and facebook page. I have had the charges removed from my checking account and changed all of my passwords, put a hold on my account and opened a new one.

Today, I'm securing services to have my credit checked from all three credit companies for a few months to monitor for anyone attempting to use my identification for credit.

PinkCloud · #12 03-26-2011, 01:12 PM

oh my!

I hope you get back everything you lost!

Gin · #13 03-26-2011, 02:40 PM

Hope the worst of it is over what a pain to go through . I set my face book to friends only and do not use my real name anywhere on the site also no personal info . Hang in there

camille1585 · #14 03-26-2011, 07:13 PM

Omg, how horrible!!

That has got to be one of my worst nightmare's. I really hope that you get it permanently sorted out...

King_of_orchid_growing:) · #15 03-26-2011, 10:11 PM

That sucks.

Hope you get through this ordeal.

They might've done it by phishing.

Phishing - Wikipedia, the free encyclopedia

Connie Star · #16 03-26-2011, 10:15 PM

I hope this all works out for you, Paul.
Last year my husband and I had one of our credit cards hacked. The bank caught it quickly, and gave us a new credit card number. That turned out to be a good thing, essentially wiping us from all of the "remember me" web sites (ie, Amazon, Verizon, others) that had our number. Since then I have not signed up to be "remembered." It's a little bit more trouble each time I buy something, but worth it.

You'll get thru this, and we'll all help.

RosieC · #17 03-28-2011, 09:34 AM

Really hope you can get it sorted Paul

Quote:

Originally Posted by Discus

It's trivial to steal your facebook login for instance through a wireless network, unless you login using https.

I just want to add to this. Facebook login is secure on https BUT (and it's a very big BUT) by default once you have logged in it switches to http (unsecure).

People have found a way of mirroring your login session without logging in. Put simply this means that once you log in securely they can get hold of an internal facebook session ID and can use that without ever finding out your password. This is mainly a problem in wireless networks and phone connections, but can happen on any network where they can intercept the information being passed arround.

There is an option on facebook to run the entire connection on https which stops anyone getting pretending to be you on facebook in the above way. To find this go to Account Settings -> Account Security and choose 'Secure Browsing (https).

However I've noticed it keeps unsetting it's self (not sure why) so every time you browse check that the address in the bar at the top of your browser starts with https://

I'm not saying this is how they got you Paul, but thought it a good opertunity to alert people to this security flaw and it's solution.

camille1585 · #18 03-28-2011, 09:39 AM

I tried running Facebook only on https like you say Rosie, but I was getting extremely pissed off at the pop ups everytime I left the FB site (ex to go to game apps and such) warning me that I was leaving the secure network. So I deactivated again. I'm hoping that my multiple levels of passwords (ie: super complex for paypal + bank, another for emails, another for FB, and another for all the forums and such that you need to sign up for) will keep the inportant stuff safe if I got trouble on FB or other things like that.

Paul Mc · #19 03-28-2011, 09:56 AM

Another issue as well though is that Facebook has had many security issues over the past few months. It seemed like there for a while every month the news was reporting how something happened internally at Facebook and people's information was released. This has not sat well with me to begin with, and this particular hack was made to gather information on me. While I've stopped them on my financial accounts, it doesn't mean they won't try to steal my credit by creating a fake me.

Thank you everyone for your thoughts and sympathy. I just wanted to start this thread so everyone here could be aware of how they got to me. Hopefully, we can all protect ourselves better.

RosieC · #20 03-28-2011, 10:04 AM

ID fraud is such a problem these days. I'm not sure there is any way to be completely secure we just have to do what we can, where we can.

Really hope things get sorted out for you Paul, it really sucks that this can happen.

Camille, I know what you mean, I've put up with them to get the higher security and I don't play many games on it anymore so I don't get so many of those messages about leaving the secure connection anyway.

I also have a password on facebook I don't use anywhere else and my financial info is on completely different passwords to EVERYTHING else.