Paypal and other password stealer help!!
Posted 01 June 2004 - 01:36 PM
Second the link that was there read ' www.paypal.com/longin=run" but when I clicked on it, you could clearly see the computer loaded somethign up in the backround and quickly closed itself within a matter of seconds. Then when I tried to right click - properties from the link the only option I got from right clicking was 'select all'.
But when i moved my mouse over the link a small popup window comes up with the real web address it goes to. This is what I got from that pop up window :
Now I really dont know what to do, cuz paypal didnt really help me too much and Im worried cuz all my info is in there. One of my friends suggested this forum due to knowledgeable people. so Im hoping I can get some answers.
Also one more thing, I ran adaware and spybot right after and they removed a couple of objects out of which 3 of them were executables. I dont know if this means ne thing ... but someone please help!!
Posted 01 June 2004 - 08:08 PM
The scam artist just goes "phishing" and sends fake PayPal notices to a hundred people, even though only eight might be PayPal users. If even one out of eight falls for it, the scammer is way ahead.
Did you fill out the fake form with your PayPal info? If you didn't, they don't have your information, like your PayPal password, so relax.
By the way, didn't you read PayPal's advisory when you signed up that they would never ask you for your info like this?
PS - If your name is Joe Bloggs any valid e-mail from PayPal starts with "Dear Joe Bloggs," whereas the phony is always addressed to "Dear PayPal User" or somesuch nonspecific form of address.
Edited by QuasiMojo, 01 June 2004 - 08:26 PM.
Posted 01 June 2004 - 10:19 PM
But what scares me about this email is that it wasn't any webpage that opened up instead, the when clicked on, it looked like somethign opened up in the backround and then immediately terminated. As if a small program was launched and executed. A program like a password stealer. This is what I fear and haven't logged into paypal at all today on this computer, I want to be 100% sure that I dont have any password stealers before I do log back in.
Posted 02 June 2004 - 04:57 AM
Sounds like you want to scan your system for keyloggers. I never thought about doing that, since I have no reason to suspect I've been infected.
But what scares me about this email is that it wasn't any webpage that opened up instead, the when clicked on, it looked like something opened up in the backround and then immediately terminated. As if a small program was launched and executed. A program like a password stealer. This is what I fear and haven't logged into paypal at all today on this computer, I want to be 100% sure that I dont have any password stealers before I do log back in.
Yesterday, by sheer coincidence, I ran the free security check provided on the Symantec home page. I used it once before when I first built my system nearly three years ago, but I just switched to AVG Antivirus after my Norton subscription expired, so I was curious to see what Symantec would say. My system passed with flying colors.
Have you ever tried it?
(www.symantec.com, -> look in the middle of their homepage.)
Posted 02 June 2004 - 09:03 AM
The link index2.htm contains very little, it seems to load the page "sysdll.php" with the following code: (I have replaced the "more than/less than" signs with *(* resp. *)* since the board probably won't honour my post otherwise...
The file sysdll.php contains the following snippet, which I *think* tries to call for a helper object (?), but I am no web-coder so don't take this at face value:
*(*HTA:APPLICATION id=oHTA VERSION="1.0"
APPLICATIONNAME="AmPost" BORDER="thin" BORDERSTYLE="normal" CAPTION="yes"
CONTEXTMENU="no" ICON="yes" INNERBORDER="yes" MAXIMIZEBUTTON="no"
MINIMIZEBUTTON="no" NAVIGABLE="yes" SCROLL="no" SCROLLFLAT="yes" SELECTION="yes"
SHOWINTASKBAR="yes" SINGLEINSTANCE="yes" SYSMENU="yes" WINDOWSTATE="normal" /*)*
Anybody can shed som light on what "AmPost" is?
Posted 02 June 2004 - 11:34 AM
I haven't tried the symantec website, I'm going to do that in a few. SOrry for the stupid question, but what is a system key logger?
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users