When your ID is stolen...
 

I just had mine stolen and my accounts drained.

If this should ever happen to you, be sure to change and update your email security and passwords! Be sure to change your email passwords and security settings. Also, someone who has hacked your email and/or facebook has probably asked for all emails to be sent to them by features in your email account. Ensure that no one has changed your notification features anywhere!

Protect yourselves and start a journal of what you discovered when and where, and what you did to protect yourself!

Pray for me guys, I fear a very bumpy road ahead.

So sorry Paul. I cant even imagine how scary that must be.

Sending good vibes.

-J

So sorry, what kind of ID was stolen? I hope it all works out. Keep us posted.

So sorry to hear that. Hopefully it will be straitened out soon.

Sorry to hear that, Paul. Was this done through cloned cards or electronically?

If electronically, make sure there are no keyloggers or malware installations on your PC, particularly not on any PC you might use for banking etc.

A note - never use internet banking sites on unknown PCs, like in internet cafes - it's quite popular particularly in overseas destination as a source of income to steal your login through electronic or software keyloggers.

Also make absolutely sure that you use end-to-end encryption (like https) on any site you might visit and log into, particularly on wireless networks or networks you don't fully trust. Remember there are a lot of computers/networks between you and the sites you visit. It's trivial to steal your facebook login for instance through a wireless network, unless you login using https. So many people have One Login they use *everywhere* so once they have that one, it's fun times! I personally have "tiers" of user/passwords - ones I need to have unique (important/financial systems); "I don't really care" logins for sites that demand you sign up to them to do some trivial once off thing; and then I have ones that I care somewhat about.

Good luck Paul!

How awful! I hope everything gets sorted for you. I don't know what kind of support/ advice networks there are over there, but hopefully someone can help and advise you. **Big OB Hugs**

:gh

Paul,

So very sorry. I hope it all gets straight for you and I also hope they somehow catch the jerks who did this to you.

Paul, I'm so sorry to hear that this has happened to you! :( You will be in my prayers.. please.gif
And we will travel with you here at OB, how ever bumpy the road ahed might be!
:youcandothis:

Oh my! That's horrifying!
I wish you the best of luck in the journey ahead :pray:

Whoever it was, they live in Pakistan. I don't know how they accessed my checking account and facebook page. I have had the charges removed from my checking account and changed all of my passwords, put a hold on my account and opened a new one.

Today, I'm securing services to have my credit checked from all three credit companies for a few months to monitor for anyone attempting to use my identification for credit.

oh my! :( I hope you get back everything you lost!

Hope the worst of it is over what a pain to go through . I set my face book to friends only and do not use my real name anywhere on the site also no personal info . Hang in there :)

Omg, how horrible!! :( That has got to be one of my worst nightmare's. I really hope that you get it permanently sorted out...

That sucks.

Hope you get through this ordeal.

They might've done it by phishing.

Phishing - Wikipedia, the free encyclopedia

I hope this all works out for you, Paul.
Last year my husband and I had one of our credit cards hacked. The bank caught it quickly, and gave us a new credit card number. That turned out to be a good thing, essentially wiping us from all of the "remember me" web sites (ie, Amazon, Verizon, others) that had our number. Since then I have not signed up to be "remembered." It's a little bit more trouble each time I buy something, but worth it.

You'll get thru this, and we'll all help.
:youcandothis::youcandothis::youcandothis:

Really hope you can get it sorted Paul :evil:

I just want to add to this. Facebook login is secure on https BUT (and it's a very big BUT) by default once you have logged in it switches to http (unsecure).

People have found a way of mirroring your login session without logging in. Put simply this means that once you log in securely they can get hold of an internal facebook session ID and can use that without ever finding out your password. This is mainly a problem in wireless networks and phone connections, but can happen on any network where they can intercept the information being passed arround.

There is an option on facebook to run the entire connection on https which stops anyone getting pretending to be you on facebook in the above way. To find this go to Account Settings -> Account Security and choose 'Secure Browsing (https).

However I've noticed it keeps unsetting it's self (not sure why) so every time you browse check that the address in the bar at the top of your browser starts with https://

I'm not saying this is how they got you Paul, but thought it a good opertunity to alert people to this security flaw and it's solution.

I tried running Facebook only on https like you say Rosie, but I was getting extremely pissed off at the pop ups everytime I left the FB site (ex to go to game apps and such) warning me that I was leaving the secure network. So I deactivated again. I'm hoping that my multiple levels of passwords (ie: super complex for paypal + bank, another for emails, another for FB, and another for all the forums and such that you need to sign up for) will keep the inportant stuff safe if I got trouble on FB or other things like that.

Another issue as well though is that Facebook has had many security issues over the past few months. It seemed like there for a while every month the news was reporting how something happened internally at Facebook and people's information was released. This has not sat well with me to begin with, and this particular hack was made to gather information on me. While I've stopped them on my financial accounts, it doesn't mean they won't try to steal my credit by creating a fake me.

Thank you everyone for your thoughts and sympathy. I just wanted to start this thread so everyone here could be aware of how they got to me. Hopefully, we can all protect ourselves better.

ID fraud is such a problem these days. I'm not sure there is any way to be completely secure we just have to do what we can, where we can.

Really hope things get sorted out for you Paul, it really sucks that this can happen.

Camille, I know what you mean, I've put up with them to get the higher security and I don't play many games on it anymore so I don't get so many of those messages about leaving the secure connection anyway.

I also have a password on facebook I don't use anywhere else and my financial info is on completely different passwords to EVERYTHING else.

What I really like about my dutch bank account is that there is no password. When you sign up for internet banking you get a a little device that reads your card's chip. To login you have to give your account and 4 digit card number on the webpage, then it gives you a code. Then type your pin number and the code into the device, and it spits out a unique login code. If you want to make a payment, there's an extra layer to go through. No way to get your account hacked without having the card,or a faked one :/

I'm really wary about phishing too, I've gotten fake emails from my french bank, skype, and paypal. Really have to watch out for those!

Some of the banks in the UK do that as well. My collegue has one. Mine doesn't :( but they are a better bank for me in other ways.

I get so many phishing emails. I get facebook ones on my work account (which is not linked to facebook) and for all sorts of banks I'm not a member of. :evil:

I'm a big fan of submitting phishing emails to phishtank and spam in general to spamcop.

Well, I think I found the culprit! Although the first time around with my virus and spy softwares found nothing (two different programs searching for pretty much the same thing - I always have at least two modes of protection on my computer), one of them picked up something yesterday as I was accessing the internet.

A trojan was attempting to connect to the internet with me. After doing some research, it's the type that monitors your online activity and then submits "reports" to hackers.

Having difficulties deleting it though. My computer crashed while the software was attempting to delete it. This may be a job for a computer geek - not an orchid geek, lol...

Glad you've found the culprit. Hope you can get rid of it, some of these things are really nasty and resist removal :evil:

I think it must be quite a new one if your virus checker didn't find it earlier.

I don't know how often you update the virus checker, but I know mine checks for updated signatures every 10min when I'm online. If you only update once a day even that is not enough protection :( I know some people who update once a week and I keep trying to persuade them that if they are online that just isn't enough :(

Of course it takes a while for the anti-virus company to identify and release new signatures, but my 10min check (which is the default for this software) at least gets them as soon as they are available.

It depends on your software too - not all of it updates all that regularly...

Yeah, it's one reason I would always go for a really big name virus checker... they are more likely to be hot on updating their databases.

I use Sophos because my company licences covers me at home as well and really like it, they are VERY hot on updates.