OT: Looks like somebody got my credit card details...

A very true statement! I'm always careful with waht I download. If I download a file I always scan and re-scan the file for viruses/spyware before opening. Also, remember that unless you are on a trusted company's site, DONT download Active-X control as they are usually just viruses or worms.

I think I run Norton AV pro and 2 spyware detectors regularly and run the norton to check any website I open! That, and the 3 firewalls we run makes it prety ahrd to access our system!

But seriously, NEVER use credit cards unless you are on a secure system, and always be careful wtih waht you download. Not to say you weren't, but people are getting more clever these days on working out how to outsmart people and get their details...

Any kind of compensation you can get there Xylyx?

T

It wasn't the vendor at fault. I have just purchased a spyware remover that has found keyloggers on my system, which apparently bypassed my AV's so-called realtime protection and my firewall. It would appear that when I entered my CC details into the vendor's site, the keylogger then transmitted this info onwards...the two transactions that occurred were to an online betting shop. My credit card company will reimburse my account under it's online fraud policies, so I won't actually lose any money, but I am now going to have to wait for a new card to be sent as the other one has now been cancelled.

To be honest, it was only by chance that I realised my info had been stolen online...I happened to notice when accessing my other CC account that during the normal 'reading from' stage that for a second 'http.edge.ru4.com' appeared. The ru4 in particular made me alert, but it just didn't fit in with AMEX server names. Hopefully, this spyware program will kill the keyloggers and I can then look at changing my various passwords.

Rob, (edit: or anyone else who is a victim of ID theft...) not to sound paranoid, but be careful.
The bad guys know who you are now (e-mail address, IP, etc.) and it might behoove you to change your Internet provider, or at least contact your current one to request a new account (if possible). Identity thieves may move on once your credit card account is changed, but then again they may try again, since they do have your IP.
Also, you might limit who has access to your computer, as sometimes it may not be you who downloaded the keylogger, but possibly another family member (or friend) who did....

ORIGINAL: MurderDethKill

Rob, (edit: or anyone else who is a victim of ID theft...) not to sound paranoid, but be careful.
The bad guys know who you are now (e-mail address, IP, etc.) and it might behoove you to change your Internet provider, or at least contact your current one to request a new account (if possible). Identity thieves may move on once your credit card account is changed, but then again they may try again, since they do have your IP.

I might suggest getting an IP resetter. We have one here. It basically means that you can turn off your internet connection and when you turn it back on, you are assigned a new IP. It's great for this kind of thing.

I couldn't name it off the top of my head, but basically it resets your IP address to a random new one every time you re-connect to the internet.

so if you're worried about them tracking your IP, then your should look into it, seriously.

T

ORIGINAL: xylyx

It wasn't the vendor at fault. I have just purchased a spyware remover that has found keyloggers on my system, which apparently bypassed my AV's so-called realtime protection and my firewall.

Hi xylyx, what was the spyware remover you purchased? I might need to look into this as well, thanks.

ORIGINAL: lawapa

Discover Card can set you up with a one time transaction number. Not everyone accepts Discover card but you can get secure internet transactions because the number will only work once. No one else can use it ever again. I also think that Am express and visa have something similer. It's a one shot that debits your main account just that one time. So for online purchases where there might be reason for concern, You can cover yourself.

I'll have to look into this...I am certainly more wary about using a credit card online now. Hell, I am wary about submitting any personal details online now...

ORIGINAL: xylyx

Spyware Doctor...it'll set you back $30. Download the trial which will scan your system...if it finds anything and you want to remove them then you will have to pay, but for $30 it'll be worth it.

Is there any way to block this url from sending info from my computer? If not, I will have to do a total wipe of Windows, as I don't know how else to stop it...

Cheers xylyx.

Zone Alarms may stop it. ZA has a triple layer firewall, Virus scanner, Anti spam module and Spyware detector. Maybe a clean wipe is better to be 100% sure.

http://www.zonelabs.com/store/content/home.jsp

Frequently deleting temporary internet files can get rid of a lot of these things, as that's where they reside much of the time. :-/

blipp: It was Grisoft's AVG that didn't block it and Windows built-in firewall too...I will have to check out some of the alternatives mentioned here, as it seems that the free stuff isn't cutting it.

cmusicmaker: Since my last post, I had decided that I was going to do a reinstall...seems that cleaning my system out and then installing these various prevention softwares is better than hoping that there is nothing left on my system.

oroboros: To be honest, I never even knew about these one time credit card numbers...seems like a sensible idea and one I will definitely be looking into. I guess complacency got the better of me, as I have done that many transactions online I stopped being as vigilant as I should have been (used to do a separate spyware scan every week...although it appears the spyware scanner I was using would have missed these keyloggers anyway).

agincourtdb: This program I have now seems to protect against this sort of thing now. It even immunises a bunch of ActiveX files on your system as well as other things...it'll probably slow the computer performance down a bit, but my music computer is not connected to the net, so it's not a major issue. I just need to wipe my system to be sure everything is gone and then immunise...'prevention better than the cure', to use a cliche.

techead: I shall check this out after the reinstall...was going to download it now, but I have to fill in a form with my address and everything to download a trial, so I will wait until I have cleaned my system off seeing as it still seems to transmit info to some url at the moment.

Check out Ewido.

Thanks for that, man. And that's no bulls hit. That anti-malware just picked up a nagging little worm that I couldn't get rid of with anything else. It's been around so long that I almost made it part of my workflow. Gone. Even Panda missed it.

The one-shot credit card numbers? Buy yourself a Visa gift card for slightly over the amount that you want to spend. 6 bucks for bullet-proof security.

I've installed it too. Looks good. cheers for the link bulls hit

I tried it and it found some stuff that was missed by the other programs I have tried, but there is still something on my computer that is transmitting data online to another location. As mentioned earlier, it seems that the url is for an advertising related business (Poindexter), but I want to stop it doing that...is there a way to get ZoneAlarm's firewall to prevent it from transmitting?

ORIGINAL: MurderDethKill

Rob, (edit: or anyone else who is a victim of ID theft...) not to sound paranoid, but be careful.
The bad guys know who you are now (e-mail address, IP, etc.) and it might behoove you to change your Internet provider, or at least contact your current one to request a new account (if possible). Identity thieves may move on once your credit card account is changed, but then again they may try again, since they do have your IP.

Changing ISPs or ISP accounts will not help you in the least. They are just your 'first hop' into the Internet. What you download is strictly up to you. Having your IP address is not a problem if you have a firewall - like everyone should. There is really no excuse not too. For those that do not have a hardware router/firewall, there are some good software ones as well.

The best thing to do if you have a hardware firewall is to set up a private address range e.g. 10.x.x.x on your home LAN and use the router/firewall to NAT that address to the public address. The only thing anyone can really do is attack your router. Let them. I could care less. But, I do have that locked down as well. The only time you could potentially get into trouble is if you do a static port translation for the NAT.

Now, once you download the software and get the spyware, that is a whole different story because then your PC is the one sending the data.

Adam