hey
just a heads up that there a near perfect fake email going aronud pretending to be from Paypal Australia.
Says your account needs to be verfied in 72 hours or suspended becasue someone has tried to hack into it, looks very real.
giveaways are:
1) bottom of email it will say "PayPal Email ID PP059"
2) link provided takes you to: http://www.aquaticlight.com/images/www.paypal.com.au/webscr/…
If you get this email or something similar FW to [email protected]
Changing password from infected PC is more dangerous then not changing the password.
Usage of firefox with Ad-Block plus and other useful plug-ins like flashblock, Ghostery for important sites is more safer.
Even better, for a small price to pay ($7.50) you can get a PayPal security key which will add extra protection. The security key generates a 6 digit number that goes along with the password and it expires every 30 seconds. Do keep in mind that you will have to answer security questions and/or enter your account details if you don't have the security key with you after setting it up.
The link you have given is the US website therefore it shows $5 USD.
Just add .au in the link above to get the AU website. Like this:
https://www.paypal.com.au/cgi-bin/webscr?cmd=xpt/Marketing_C…
Would Paypal refund that? If it is not a genuine transaction.
Do you mean that by change of mind? I'm not so sure about that because I bought one a few years ago and payment was deducted from my Paypal account. If you follow the link above and click on the security key FAQ on the left, one of them states:
"Is the fee refundable?
No, but you pay the fee only once per Security Key."
Go to ebay buy a cheap 10 year old mac, use it only for financial transactions on the web, I got one for my parents for $45. They only use if for these types of transactions and turn it off (probably not necessary, but its safer) after completing the deal.
If you really cant accept the mac, then again buy an old PC and install Linux do the same.
7 years ago had the fortune to meet Frank Abiganale jnr at a hosted security conference and he said then that anyone using a PC to do financial transactions on the web were more stupid than someone with a sign on their back saying kick me.
Sounds like fear-mongering to me
They should make a movie of Frank's BS stories.
Oh wait….
7 years ago guy's and look now who's worried about security? Yes wait… As for BS, many large companies use old Frank to advise on security and still do.
Go to ebay buy a cheap 10 year old mac, use it only for financial transactions on the web…
No. For starters, it'll only support weak SSL cryptography, so your information won't be properly protected in transit. Secondly, you'll be susceptible to ten years worth of security flaws, assuming the thing isn't infected when you buy it.
I'd suggest you download an Ubuntu Desktop Live CD - it's free, and you can run it on your existing PC without affecting your Windows install. Burn it to CD, and when you're ready to do banking, pop it in the CD drive of your PC. Shut down the PC (don't just reboot - you don't want to leave anything resident in memory), give it a minute, and power it back up. Ubuntu will start, click on Firefox, and do your eBay/Banking/whatever. When you're done, shutdown your machine, take out the CD (it'll offer it to you before it shuts down completely), power it off for a minute, and then boot back in Windows.
If you're interested in the details of how that works- Ubuntu's a version of Linux (which is why it's free). It can't run Windows/Mac software (including viruses) so it can'tcatch any of the usual Mac/Windows nasties, and even if it did get infected, it can't write to your hard drive by default, so it can't spread the infection. If you boot into it from a switched-off machine, you can guarantee it'll be free from viruses/nasties; and if you only surf to legitimate sites (eBay etc) while you're using it, you're not likely to encounter any nasties, either. Finally, if you shut down after using it, you'll clear anything it did manage to catch (if it did manage to catch anything) out of memory, so your machine will be safe the next time it starts. We call that "defence in depth" - you assume one form of protection will fail, so you put a second (or third) in-place for when it does.
so do you need to install anything in-order to run it on the CD?
Jong - do you want to list the Mac viruses or nasties you claim?
And like all Used machines you would do a fresh install of the software. with the latest security updates which Apple provides for 10.4.11 2 years ago not 10 years ago. which these machines can run. But we know you know that already, dont you?
For $40 I dont have to reboot every time I want to do banking or visit some web site or open an email with an attachment or imbedded code. And each one of these can cause you grief. So every time I have to reboot my machine and load from the CD. While very safe lets get realistic, that's going to require very strong discipline, compared to just using an spare computer.
Oh and just surf to safe sites like ebay? Maybe the safest Sites like the US government - never been compromised ever??
I keep the PC for the great games and software BUT I keep it off the NET
And anyway its one option, your one is another, but you don't need to add 10 year and infected BS to make your point. It stands on its own as an option and you do highlight the need for people to take precautions
@[Deactivated]: A mac won't protect you from a phishing scam, which is probably how most people lose their account details. Nor will it protect you when the poor security of the site you bought from is hacked and your credit card details are stolen.
It might protect you from some Russian hacker's botnet, but only if you're incompetent enough to get it onto your system in the first place. What with Windows Vista/7 all but stopping you thinking for yourself about what programs you execute, and Antivirus programs heuristically detecting everything as "trojans", you'll be lucky if you're even able to run Firefox to get to the damn site.
@G5: True, nothing will stop you from being foolish. And think about it, if your PC isn't on the net then its very unlikely to get a trojan, a virus or anything bad, unless yo start loading stuff from other sources. Then again you have to add all the security software and keep it updated, wait while it checks out whats going on etc, which as you and Jong point out can be done .
IF you are aware enough. But frankly there are some people who are "incompetent" when it comes to those sort of things, so again my solution isn't for the "competent" just like its not for everyone, but neither is your solution or Jongs.
@[Deactivated]: OS is not an issue here, it is weak browsers (like IE and even Safari) that are vulnerable to attackers/worms.
Check this old (early 2008) article from paypal warning to safari : http://www.readwriteweb.com/archives/paypal_to_safari_users_…
End of the day, people need to be taught to never believe emails and click any link from it. Always type the address on the URL yourself and try not to open too many pages/programs while going to sensitive sites.
Following is from symantec recommendations (some points are good) :
http://www.symantec.com/norton/products/library/article.jsp?…
@mawinmawin: Interesting article - it is from marketing guy at paypal, who recommends IE which you agree shouldn't be used. And the criticism is that it doesn't protect from Phishing which is what we all say really cant be protected from other than users avoiding replying to emails.
Like all arguments here each opinion has flaws based on what someone does.
Really the safest way is not to do financial transactions on the internet, but that's not why most of us are here.
Then we can use Jong's technique, but how many are going to reboot their computer every time you read an email or do a transaction. and there's the new interface issue
Then there the cheap Mac way, but that comes up against, the new interface issue and the discipline to use another computer
And the next being to have security software - although which brand on your PC is best?
Whatever - NO matter what don't reply to emails about ANY account you have. AND if you must check the website of the company directly via the address you type in yourself AND then probably call any support line they have just to check as well.
@[Deactivated]: I agree with you.
Even that article is 2 year old. Also these days many banks got their site out of exclusive to IE.
Education is the key to avoid the scammers.
Mac or not mac, I don't think all of the online shoppers or users of internet banking (including me) can be "more stupid than someone with a sign on their back saying kick me"… because if that was true then we would have experienced at least some kind of negative repercussion, but so far it only looks like spam phishing emails.
If you believe that is the only way then dream on….
Proper password protection i.e. all different, non dictionary passwords
Not letting kids on your computer to downloading crap
Not download "free" adult material or torrents
Following basic security produres like never replying to a bank email
dont save passwords/cc numbers etc
Sounds like a good start for user security
So today
Germany's Federal Office for Information Security, or BSI, told Germans to avoid use of all versions of Explorer after the security hole led to hacks against Google and others.
Yep all it takes is having a secure password????
From my past experience, paypal is awful for protecting their customers. buying from ebay and getting scammed a few times has taught me to buy with a creditcard. paypal won't return your money if your account gets hacked or if you get scammed. But your credit card company will have more leverage and is usually more efficient at getting results. that said, i've heard bad stories about people having difficulties with credit card companies after getting their identities stolen.
Just be aware that its back again got one today looks legit but isn't
A family member recently had nearly $2000 of payments deducted from his paypal account in the space of about an hour. No idea how they got the password, most likely through a virus worm, so be extra vigelent people. Change your password often.