Jump to content

100

Active Members
  • Posts

    84
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by 100

  1. username=FasterKg password=as54itbv emailauth= captchagid= captcha_text= emailsteamid= do=reset username=maxnecati key=V5FIiN7w password=04071992 password2=04071992 submit=Reset+Password login_form=login username=maxnecati password=04071992 remember=ever submit=Login username=simonzob password=swatch emailauth= captchagid= captcha_text= emailsteamid=
  2. da`mi direct URL dupa care sa caut
  3. Vad ca toti vreti de ORANGE: action=LOGIN jspname=login_utils.jsp client=true full_page=true sso_ok=ok submited=false login=solilocvii password=ionela keys: aor solilocvii ionela ################## action=LOGIN jspname=login_utils.jsp client=true full_page=true sso_ok=ok submited=false login=dorobatsergiu password=120506 ################### action=LOGIN jspname=login_utils.jsp client=true full_page=true sso_ok=ok submited=true login=valentin.burlacu password=ilav1987 ############### action=LOGIN jspname=login_utils.jsp client=true full_page=true submited=true sso_ok=ok login=valentin password=ilav87 ############### action=LOGIN jspname=login_utils.jsp client=true full_page=true sso_ok=ok submited=true login=valentin.burlacu password=ilav1987 ################ action=LOGIN jspname=login_utils.jsp client=true is_small=true full_page=true sso_ok=ok submited=true login=ionutbogdanm password=gruiamariamara ################### action=LOGIN jspname=login_utils.jsp client=true full_page=true submited=true sso_ok=ok login=claudiu_st password=matasuge ################### action=LOGIN jspname=login_utils.jsp client=true is_small=true full_page=true sso_ok=ok submited=true login=fck password=offic ################### action=LOGIN jspname=login_utils.jsp client=true is_small=true full_page=true sso_ok=ok submited=true login=NicodimCristian password=d2i9f5a1 ################## action=LOGIN jspname=login_utils.jsp client=true full_page=true sso_ok=ok submited=true login=isabela.stoicescu password=088263 ################### action=LOGIN jspname=login_utils.jsp client=true full_page=true sso_ok=ok submited=true login=dorobat+sergiu password=dase@120506 ################# action=LOGIN jspname=login_utils.jsp client=true full_page=true sso_ok=ok submited=false login=corinaparadian password=mukylina ################ action=LOGIN jspname=login_utils.jsp client=true full_page=true sso_ok=ok submited=false login=l_wpo password=19691987 ################ action=LOGIN jspname=login_utils.jsp client=true full_page=true submited=true sso_ok=ok login=claudiu_st password=matasuge ############# action=LOGIN jspname=login_utils.jsp client=true full_page=true sso_ok=ok submited=false login=iulica_ionescu password=MIORlau ############## action=LOGIN jspname=login_utils.jsp client=true full_page=true sso_ok=ok submited=false login=KosmoDesign%26Studio password=andrei remember_password=yes action=LOGIN jspname=login_utils.jsp client=true full_page=true sso_ok=ok submited=false login=l_wpo password=19691987 action=LOGIN jspname=login_utils.jsp client=true is_small=true full_page=true sso_ok=ok submited=true login=luminita.sultana password=realmadrid action=LOGIN jspname=login_utils.jsp client=true is_small=true full_page=true sso_ok=ok submited=true login=luminita.sultana password=realmadrid action=LOGIN jspname=login_utils.jsp client=true full_page=true sso_ok=ok submited=true login=georgescu_silviu password=13051988 action=LOGIN jspname=login_utils.jsp client=true full_page=true submited=true sso_ok=ok login=stefanulian password=papito action=LOGIN jspname=login_utils.jsp client=true full_page=true submited=true sso_ok=ok login=radustefan%40yahoo.com password=papito action=LOGIN jspname=login_utils.jsp client=true is_small=true full_page=true sso_ok=ok submited=true login=fck password=office ENJOY
  4. nu mai am... sorry
  5. Bun la dispozitie 10Gb de loguri... aveti nevoie de loginuri de anumite site`uri caut si va ajut... MOCA Va rog postati cererile pe thread, nu`mi mai trimiteti PM PS: Caut business partner. Detalii pe ICQ: 616429443
  6. Produs: COSMOTE 14E Cod de reincarcare: 7331485222458392 Serie: 2140000000006285 Produs: ORANGE 12E Cod de reincarcare: 70833430394410 Serie: 00264069949
  7. Caut posteri pt diferite site`uri din Europa si USA. Contact: ICQ OTR: 649567347 Jabber: 192.168.1.2@thesecure.biz Yahoo: mikesir22@yahoo.com
  8. aaaaaa BITCOIN iti spune ceva?! Nu vrei sa intelegi ca e o solutie, nu solutia. Daca la mine a mers si eu dau 100 de usd de la mine sa ii ajut si pe altii, ce dracu te bagi tu desteptu planetei, priceputul din fundul satului sa imi explici mie in matematica ta rurala ca nu e bine ? O pagina de teorie si NIMIC PRACTIC. Da-mi peste nas, uite iti dau eu acum 4 handshakes si sparge-le tu, d-le "academician" aka "porfesor de informatica la tara". NU MERGE PT TOATE, dar daca vrei sa ai acces la netul vecinului parolat cu WPA , poti sa incerci. Dc vecinul e ca tine, un satean scolit si priceput, o sa isi puna parola #$ERFF$#$% ca sa nu stea nimeni pe netul lui. Daca nu e, si multi nu sunt, O SA O GASEASCA. PS: Manelist esti tu cu cine vrei tu (era sa zic doamna ma-ta), iar de pusti nu mai zic. De obicei nu ma cobor la nivelul celor ca tine, dar chiar ai insistat.
  9. Baiete..... mai tarus obosit care ai salariu 300 de dolari pe luna. Go @ vaca ca esti mult mult prea tampit pt internet. Tu nu vezi ca debordezi de prostie ? Zi mai bine ca ai gresit, da edit la post si du-te sa dai de mancare la gaini... Sau vino cu ceva INTELIGENT , nu cu o paralela la OUA, cap patrat. Sau spune-ne cate retele WPA ai spart tu si mai ales CUM !
  10. @ Killas - abia astept sa vad ce ai citit tu in "revistele de crackuit" (ce dracu or fi si alea). dc tu stii sa spargi altfel wpa si merge, iti dau 300LR pt metoda.
  11. Inca 6. Va rog frumos sa va abtineti de la comentarii tampite cand habar nu aveti despre ce e vorba. Din gura vi se pare foarte usor de facut tot, dar adevarul e ca dormiti pe voi. NU fac bani din asta, nu ma interseaza sa castig nimic, vreau doar sa ajut comunitatea. Daca tu te crezi la piata si cumperi oua esti foarte foarte prost (cel mai bland spus). Excrocheire - FRAUDA ( cum se spune in 2012 la oras ) e cand ceri bani pe ceva, Eu nu am cerut, dar tu fiind foarte foarte prost (uite a 2-a oara) ai crezut ca ai gasit tu marea combinatie si fiind foarte foarte prost (a 3-a oara) te-ai si gandit sa impartasesti cu restul produsul creierului tau mucegait.
  12. Inca 7. Nu am zis ca au facut cine stie ce, dar am zis ca la mine au mers mai mult de jumatate. Daca ai avea 5 retele WPA nu ar merita 50 usd ( sau 1.8$-4$) sa scapi de gunoiul ala de modem ??????
  13. Inca 8. Sansele de reusita nu sunt mari, dar e cel mai bun mod pe care il stiu in care poti sparge WPA key. E normal sa nu mearga intotdeauna. NU e siteul meu, nu sunt afiliat la ei - la mine a mers pt 4 retele.
  14. O sa va platesc eu 10 incercari. Astept handshakeurile + SSID (case sensitive) in PM pe sendspace.
  15. Trebuie sa capturati handshakeul cu wifi way (ultima versiune merge cel mai bine) si sa il uploadati acolo. Platiti cu o carte de credit si aia e...... Nu cred ca e foarte dificil. Daca vreti sa faceti voi, va trebuie un dictionar de 1-2 miliarde de parlole posibile + putere de calcul. Mie mi-au gasit si parole gen "1cuvant" "cuvant232". Brute force e imposibil pana si pt o parola de 8 caractere full ascii.
  16. Here is for free a bullet proof domain name provider in ukrainia Accept LR,webmoney and even Credit Card Used by many spammers and domain still up hxxp://ukrnames.com/ PS: Only in russian so use google translate
  17. Here is for free a bullet proof domain name provider in ukrainia Accept LR,webmoney and even Credit Card Used by many spammer and domain still up hxxp://ukrnames.com/ PS: Only in russian so use google translate
  18. 1. Open C: Drive and make a folder in it e.g. “hacks”. Put both the files i.e. the file that you want to hide and the image inside which you want to hide the file into this folder 2. Select both the files and make a compressed RAR archive e.g. “secret.rar” out of them 3. Open Run and type in “cmd” to open the Command Prompt. Now type “cd..” and press enter and repeat this once again. Type “cd sizlopedia” to open the folder (where “hacks” is the folder that I am using in this tutorial) 4. Type the command “copy /b maria.jpg + secret.rar safe.jpg” and press enter 5. The new picture safe.jpg is now the nested Picture file which has the hidden file saved inside it. Change its extension from .jpg to .rar anytime to access or extract the hidden file Source:sizlopedia.com
  19. Here is a PDF that explains the principles: http://www.antiphishing.org/sponsors...whitepaper.pdf In short, they ID your device no matter of socks, cookies deletion or browsers used. It works by fingerprinting the device using unorthodox methods. Some say: - they can read MAC - they can read Windows Registry UID - they can read other UID's Windows use For those of you who are wondering, why did PayPal limit account access? Why did my bank login request additional security questions? etc. The answer is a relatively new technique called Device ID Fingerprinting. It exploits information leaks especially in Javascript and Flash, such as Browser, Javascript/Flash Version, OS, clock time, screen resolution, etc. to formulate a users "digital ID". When these variables change, the system depending on how it is setup, will flag the account for further scrutiny. Much of this is not new, what is though, is how sophisticated these models have become over the past several months. Most importantly, "True-IP", will use a variety of methods to determine whether the IP is a proxy or the users actual IP. In conjunction with IP-Geo, the culmination of these techniques results in a considerably effective technique to prevent unauthorized access. What does this mean for you? Username & password authentication is no longer enough to prove validity. Somewhat related, but more from a law enforcement perspective, is the use of hardware identifiers to track 'cyber-criminals' online. For example, FBI CIPAV, collects unique hardware & software identifiers. If you are using a computer you purchased on your credit card, or connect through a router that is your own, then you are at risk should you be targeted. Currently, their are two known investigate tools available to federal agencies to track you online, little is known about either, the first being CIPAV, the second was only acknowledged but information on how it works was redacted from any public documents. Lesson Summary: Anonymity of your IP should be part of an overall multi-layer approach to protecting your security.
  20. "In what may become a precedent setting digital rights ruling, Judge Robert Blackburn of the United States District Court of Colorado ruled that compelling an individual to provide access to the encrypted contents of a device does not violate the US Constitution's prohibition of self incrimination. The ruling came during the trial of Ramona Fricosu, who is accused of taking part in fraudulent real-estate transactions. While serving a search warrant of Fricosu’s home, investigators confiscated a laptop for which they had a warrant. Finding the contents of the drive encrypted, the authorities then requested that Fricosu enter the password or otherwise provide to the court the unencrypted contents of the computer. The Electronic Frontier Foundation argued that such a request constituted a breach of Fricosu’s Fifth Amendment rights, and submitted an Amicus Curaie on Fricosu’s behalf over the summer. Yesterday Judge Blackburn, an appointee of George W. Bush, concluded that an individual's protection from self incrimination under the Fifth Amendment isn't violated by requiring production of the unencrypted contents of the laptop. The Fifth Amendment, part of the Bill of Rights, states that “No person shall… be compelled in any criminal case to be a witness against himself...” In explaining his rationale, Blackburn acknowledges the Supreme Court precedent that a defendant cannot be compelled to reveal the self-incriminating content of his or her mind, but concludes that that protection doesn't extend to the contents of the hard-drive. In step with that reasoning, the government has offered Fricosu immunity from the use of any information revealed in the actual act of producing the unencrypted contents of the laptop, whether by revelation of a password or otherwise. One prominent cyber law expert said the ruling isn't unexpected. "Doctrinally it's not too surprising," said Jonathan Zittrain of the Berkman Center for Internet and Society at Harvard University. “The fact that the person knows the password at all may not be usable against the person -- i.e. using the knowledge of the password to tie the person to the hard drive. That probably would fall under 5th Amendment protection.” In other words, even with the decrypted data in hand, the prosecution still needs evidence that they believe establishes Fricosu as the owner of the laptop even without the encryption key. Fricosu has until February 21, 2012 to provide a copy of the hard drive or appeal." Indictment of this case :hxxp://www.wired.com/images_blogs/threatlevel/2012/01/decrypt.pdf Source : hxxp://threatpost.com/en_us/blogs/judge-rules-forced-decryption-does-not-violate-fifth-amendment-012412
  21. Source: http://krebsonsecurity.com/2011/11/m...ed-in-estonia/ + all the local papers were talking about this as well --------------------------------------------------------------------------- The proprietors of shadowy online businesses that have become synonymous with cybercrime in recent years were arrested in their native Estonia on Tuesday and charged with running a sophisticated click fraud scheme that infected with malware more than four million computers in over 100 countries — including an estimated 500,000 PCs in the United States. The law enforcement action, dubbed “Operation Ghost Click,” was the result of a multi-year investigation, and is being called the “biggest cybercriminal takedown in history.” Vladimir Tsastsin, in undated photo. Estonian authorities arrested six men, including Vladimir Tsastsin, 31, the owner of several Internet companies that have been closely associated with the malware community for many years. Tsastsin previously headed EstDomains Inc. a domain name registrar that handled the registrations for tens of thousands of domains associated with the far-flung Russian Business Network. Reporting for The Washington Post in September 2008, I detailed how Tsastsin’s prior convictions in Estonia for credit card fraud, money laundering and forgery violated the registrar agreement set forth by the Internet Corporation for Assigned Names and Numbers (ICANN), which bars convicted felons from serving as officers of a registrar. ICANN later agreed, and revoked EstDomains’ ability to act as a domain registrar, citing Tsastsin’s criminal history. Also arrested were Timur Gerassimenko, 31; Dmitri Jegorov, 33; Valeri Aleksejev, 31; Konstantin Poltev, 28 (quoted in the above-linked stories as the spokesperson for EstDomains); and Anton Ivanvov, 26. All six men were arrested and taken into custody this week by the Estonian Police and Border Guard. A seventh defendant, a 31-year-old Russian national named Andrey Taame, is still at large. Source: FBI Indictments returned against the defendants in the U.S. District Court for the South District of New York detail how the defendants allegedly used a strain of malware generically known as DNS Changer to hijack victim computers for the purposes of redirecting Web browsers to ads that generated pay-per-click revenue for the defendants and their clients. U.S. authorities allege that the men made more than $14 million through click hijacking and advertisement replacement fraud. DNS Changer most often comes disguised as a video “codec” supposedly needed to view adult movies. It infects systems at the boot sector level, hooking into the host computer at a very low level and making it often very challenging to remove. This malware family didn’t just infect Microsoft Windows systems: Several versions of DNS changer would just as happily infect Mac systems as well. Other variants of the malware even hijacked DNS settings on wireless home routers. The FBI has posted several useful links to help users learn whether their systems are infected with DNS Changer. Feike Hacquebord, senior threat researcher for security vendor Trend Micro, called the arrest the “biggest cybercriminal takedown in history.” In a blog post published today, Hacquebord and Trend detail the multi-year takedown, which involved a number of front companies, but principally an entity that Tsastsin founded named Rove Digital: In 2009 we obtained a copy of the hard drives of two C&C servers that replaced advertisements on websites when loaded by DNS Changer victims. On the hard drives we found public SSH keys of several Rove Digital employees. These keys allowed the Rove Digital employees to log in on the C&C servers without password, but with their private key. From log files on the servers we were able to conclude that the C&C servers were controlled from Rove Digital’s office in Tartu. Rove Digital had also been running a fake AV / rogue DNS affiliate program called Nelicash. We were able to download a schema of the infrastructure for the fake AV part. From a Nelicash C&C server we discovered data on victims who bought fake AV software. Among the purchases of victims, there were several test orders placed by employees of Rove Digital from IP addresses controlled by Rove Digital in Estonia and the US. This shows that Rove Digital was directly involved in the sales of the fake AV. From the same Nelicash C&C server we were also able to download a detailed planning of the deployment of new rogue DNS servers in 2010 and 2011. Every day, Rove Digital spread a new malware sample that changed systems’ DNS settings to a unique pair of foreign servers. We checked DNS Changer Trojans for a couple of days and we learned that these Trojans changed DNS settings of victims exactly according to their plan. We collected much more evidence but we are unable to include them all here. All of our findings indicate that Rove Digital is committing cybercrimes on a large scale indeed and is directly responsible for the large DNS Changer botnet. As its name suggests, DNS Changer works by hijacking the domain name system (DNS) server settings on a computer; these settings point to Internet servers that are responsible for translating human-friendly domain names like example.com into numeric Internet addresses that are easier for computers to understand. DNS Changer swapped out victims’ legitimate DNS server settings with the addresses of DNS Servers controlled by Rove Digital. Armed with that control, the defendants could redirect any part of the Web browsing session on an infected user’s computer. This presented a unique challenge for the law enforcement officials and private security experts who sought to dismantle the fraud network. Experts had identified a large number of rogue DNS servers that were owned by front companies tied to Rove Digital, and indeed secured a court order to seize control over those servers. But experts warned the FBI that seizing the rogue DNS servers without first putting in place a backup system would effectively kill Internet access for the four million computers worldwide that were infected with DNS Changer. In response, the court appointed the job of swapping out the rogue DNS servers for clean ones to Internet Systems Consortium (ISC), a California nonprofit that maintains BIND, a DNS software package that is widely used throughout the Internet. “The big concerns came when all the evidence had built up on the law enforcement side, and people said, ‘Hey, there are millions of infected systems whose DNS is wrong,’” said Barry Greene, president and CEO of ISC. “We really wanted to keep people from having their DNS shut down, and everyone calling the help desk at their ISP or security provider to complain that their Internet wasn’t working.” In a press call with reporters, FBI officials said they would be working with industry to help notify ISPs about customers infected with DNS Changer. “It’s a complicated cleanup because the malware they put on there is boot-sector stuff,” Greene said. “So we’re not finished. We just finished phase 1, which is law enforcement putting handcuffs on people and making sure we don’t black out people on the ‘Net. The press release and outreach is phase two, and cleanup is phase three. We’ll be doing that for some time, I think.” Officials from the FBI and the U.S. Attorney for the Southern District of New York said they would seek to extradite the defendants to the United States. An FBI official told reporters that four of the arrested have been charged in Estonia and will probably face trial and any judgment over in that country before being extradited. The FBI said it would concentrate on extraditing two of the men arrested — Anton Ivanov and Valeri Aleksejev — neither of whom were charged in Estonia but were arrested provisionally. The U.S. government has had some success in extraditing Estonian cybercriminals. Sergei Tsurikov, an Estonian man convicted of participating in the coordinated $9 million ATM heist against RBS Worldpay in late 2008, was extradited to the U.S. last year after serving part of his time in an Estonian prison. Tsurikov is currently being processed through an federal jail in Atlanta. A copy of the indictments returned against the seven men is available here (PDF). This link from Estonian news outlet Delfi includes several pictures of the arrest and seizure of equipment from Rove Digital properties.
  22. "In what may become a precedent setting digital rights ruling, Judge Robert Blackburn of the United States District Court of Colorado ruled that compelling an individual to provide access to the encrypted contents of a device does not violate the US Constitution's prohibition of self incrimination. The ruling came during the trial of Ramona Fricosu, who is accused of taking part in fraudulent real-estate transactions. While serving a search warrant of Fricosu’s home, investigators confiscated a laptop for which they had a warrant. Finding the contents of the drive encrypted, the authorities then requested that Fricosu enter the password or otherwise provide to the court the unencrypted contents of the computer. The Electronic Frontier Foundation argued that such a request constituted a breach of Fricosu’s Fifth Amendment rights, and submitted an Amicus Curaie on Fricosu’s behalf over the summer. Yesterday Judge Blackburn, an appointee of George W. Bush, concluded that an individual's protection from self incrimination under the Fifth Amendment isn't violated by requiring production of the unencrypted contents of the laptop. The Fifth Amendment, part of the Bill of Rights, states that “No person shall… be compelled in any criminal case to be a witness against himself...” In explaining his rationale, Blackburn acknowledges the Supreme Court precedent that a defendant cannot be compelled to reveal the self-incriminating content of his or her mind, but concludes that that protection doesn't extend to the contents of the hard-drive. In step with that reasoning, the government has offered Fricosu immunity from the use of any information revealed in the actual act of producing the unencrypted contents of the laptop, whether by revelation of a password or otherwise. One prominent cyber law expert said the ruling isn't unexpected. "Doctrinally it's not too surprising," said Jonathan Zittrain of the Berkman Center for Internet and Society at Harvard University. “The fact that the person knows the password at all may not be usable against the person -- i.e. using the knowledge of the password to tie the person to the hard drive. That probably would fall under 5th Amendment protection.” In other words, even with the decrypted data in hand, the prosecution still needs evidence that they believe establishes Fricosu as the owner of the laptop even without the encryption key. Fricosu has until February 21, 2012 to provide a copy of the hard drive or appeal." Indictment of this case :hxxp://www.wired.com/images_blogs/threatlevel/2012/01/decrypt.pdf Source : hxxp://threatpost.com/en_us/blogs/judge-rules-forced-decryption-does-not-violate-fifth-amendment-012412
  23. What is identity theft? Identity theft occurs when someone uses your personally identifying information, like your name, Social Security number, or credit card number, without your permission, to commit fraud or other crimes. The FTC estimates that as many as 9 million Americans have their identities stolen each year. In fact, you or someone you know may have experienced some form of identity theft. The crime takes many forms. Identity thieves may rent an apartment, obtain a credit card, or establish a telephone account in your name. You may not find out about the theft until you review your credit report or a credit card statement and notice charges you didn’t make—or until you’re contacted by a debt collector. Identity theft is serious. While some identity theft victims can resolve their problems quickly, others spend hundreds of dollars and many days repairing damage to their good name and credit record. Some consumers victimized by identity theft may lose out on job opportunities, or be denied loans for education, housing or cars because of negative information on their credit reports. In rare cases, they may even be arrested for crimes they did not commit. How do thieves steal an identity? Identity theft starts with the misuse of your personally identifying information such as your name and Social Security number, credit card numbers, or other financial account information. For identity thieves, this information is as good as gold. Skilled identity thieves may use a variety of methods to get hold of your information, including: Dumpster Diving. They rummage through trash looking for bills or other paper with your personal information on it. Skimming. They steal credit/debit card numbers by using a special storage device when processing your card. Phishing. They pretend to be financial institutions or companies and send spam or pop-up messages to get you to reveal your personal information. Changing Your Address. They divert your billing statements to another location by completing a change of address form. Old-Fashioned Stealing. They steal wallets and purses; mail, including bank and credit card statements; pre-approved credit offers; and new checks or tax information. They steal personnel records, or bribe employees who have access. Pretexting. They use false pretenses to obtain your personal information from financial institutions, telephone companies, and other sources. For more information about pretexting, click here. What do thieves do with a stolen identity? Once they have your personal information, identity thieves use it in a variety of ways. Credit card fraud: They may open new credit card accounts in your name. When they use the cards and don't pay the bills, the delinquent accounts appear on your credit report. They may change the billing address on your credit card so that you no longer receive bills, and then run up charges on your account. Because your bills are now sent to a different address, it may be some time before you realize there's a problem. Phone or utilities fraud: They may open a new phone or wireless account in your name, or run up charges on your existing account. They may use your name to get utility services like electricity, heating, or cable TV. Bank/finance fraud: They may create counterfeit checks using your name or account number. They may open a bank account in your name and write bad checks. They may clone your ATM or debit card and make electronic withdrawals your name, draining your accounts. They may take out a loan in your name. Government documents fraud: They may get a driver's license or official ID card issued in your name but with their picture. They may use your name and Social Security number to get government benefits. They may file a fraudulent tax return using your information. Other fraud: They may get a job using your Social Security number. They may rent a house or get medical services using your name. They may give your personal information to police during an arrest. If they don't show up for their court date, a warrant for arrest is issued in your name. How can you find out if your identity was stolen? The best way to find out is to monitor your accounts and bank statements each month, and check your credit report on a regular basis. If you check your credit report regularly, you may be able to limit the damage caused by identity theft. For more information, visit the Detect Identity Theft section. Unfortunately, many consumers learn that their identity has been stolen after some damage has been done. You may find out when bill collection agencies contact you for overdue debts you never incurred. You may find out when you apply for a mortgage or car loan and learn that problems with your credit history are holding up the loan. You may find out when you get something in the mail about an apartment you never rented, a house you never bought, or a job you never held. What should you do if your identity is stolen? Filing a police report, checking your credit reports, notifying creditors, and disputing any unauthorized transactions are some of the steps you must take immediately to restore your good name. To learn more about these steps and more, visit the DEFEND: Recover from Identity Theft section. To file a complaint, click here. Should you file a police report if your identity is stolen? A police report that provides specific details of the identity theft is considered an Identity Theft Report, which entitles you to certain legal rights when it is provided to the three major credit reporting agencies or to companies where the thief misused your information. An Identity Theft Report can be used to permanently block fraudulent information that results from identity theft, such as accounts or addresses, from appearing on your credit report. It will also make sure these debts do not reappear on your credit reports. Identity Theft Reports can prevent a company from continuing to collect debts that result from identity theft, or selling them to others for collection. An Identity Theft Report is also needed to place an extended fraud alert on your credit report. You may not need an Identity Theft Report if the thief made charges on an existing account and you have been able to work with the company to resolve the dispute. Where an identity thief has opened new accounts in your name, or where fraudulent charges have been reported to the consumer reporting agencies, you should obtain an Identity Theft Report so that you can take advantage of the protections you are entitled to. In order for a police report to entitle you to the legal rights mentioned above, it must contain specific details about the identity theft. You should file an ID Theft Complaint with the FTC and bring your printed ID Theft Complaint with you to the police station when you file your police report. The printed ID Theft Complaint can be used to support your local police report to ensure that it includes the detail required. A police report is also needed to get copies of the thief’s application, as well as transaction information from companies that dealt with the thief. To get this information, you must submit a request in writing, accompanied by the police report, to the address specified by the company for this purpose. You can find more information and a model letter here. How long can the effects of identity theft last? It's difficult to predict how long the effects of identity theft may linger. That's because it depends on many factors including the type of theft, whether the thief sold or passed your information on to other thieves, whether the thief is caught, and problems related to correcting your credit report. Victims of identity theft should monitor financial records for several months after they discover the crime. Victims should review their credit reports once every three months in the first year of the theft, and once a year thereafter. Stay alert for other signs of identity theft. Don't delay in correcting your records and contacting all companies that opened fraudulent accounts. Make the initial contact by phone, even though you will normally need to follow up in writing. The longer the inaccurate information goes uncorrected, the longer it will take to resolve the problem. What can you do to help fight identity theft? A great deal. Awareness is an effective weapon against many forms identity theft. Be aware of how information is stolen and what you can do to protect yours, monitor your personal information to uncover any problems quickly, and know what to do when you suspect your identity has been stolen. Armed with the knowledge of how to protect yourself and take action, you can make identity thieves' jobs much more difficult. You can also help fight identity theft by educating your friends, family, and members of your community. The FTC has prepared a collection of easy-to-use materials to enable anyone regardless of existing knowledge about identity theft to inform others about this serious crime. ---------- Post added at 12:03 ---------- Previous post was at 12:00 ---------- What is Identity theft? Imagine you waking up one day and realizing that all your important personal and financial information has been compromised and it is in the hands of unscrupulous elements. All the information that signifies your very existence is being misused. What we are talking about here is your “IDENTITY”. If you loose your identity, you stand a chance of loosing everything that you’ve built so far in your life like: Your name Your bank accounts Your credit cards Your Social Security Number Your personal information (like your email IDs) What’s worse is that you could lose all this without you even knowing that you lost it and by the time you realize, it is too late to make amends and you’re probably bankrupt. This is exactly what happens when you disclose your personal details at unknown sources on the Internet. You are opening a Pandora’s Box and there is no looking back. What can someone do by using your Identity? To answer that put your self in the criminal’s shoes for a minute. What would you do if you had all the personal and financial information of somebody? You could wreck havoc and there’s no John McClane coming to the rescue as in Die Hard Movie. So what exactly can someone do with your identity? Well for starters they can make you go bankrupt. Here are some of the other things that can happen. They can Impersonate you Obtain loans, funds, credit cards using your personal details Acquire Social Security Number or Driver’s License Acquire fake passports (which if in the hands of terrorist can be a national threat) Perform other crimes for which you would be held responsible What information do fraudsters need to perform Identity theft? Unfortunately most of the information that they need for ID theft is documents that we usually are not very protective about like: Your name and address combined with Utility bills and credit card statements Bank account documents Bank statements ATM transaction slips Your birth certificates SocialSecurity Number Driver’s License Number There are two types of identity frauds that can be done to cards: Application fraud - A criminal uses your personal details to apply for and obtain a card or any kind of a bank product (for example, a loan). Account take-over - A criminal uses key personal information to totally takeover and start operating your account. How can you protect your Identity? The best approach to prevent yourself from being a victim of ID theft is to be cautious when it comes to letting out your personal and financial information. All have your antennas switched on. Following are some of the tips to help keep your identity safe: Never disclose personal information to anyone you do not trust. Do not provide your information until and unless you are sure about the caller. Fraudsters setup fake call centers using VOIP; this is known as “Vishing”. If in case of doubt you call the bank directly using the bank phone number listed on the bank website. Remember that banks always ask for specific characters like last 4 digits of your card or SSN not your entire card number or SSN for verification. Ensure that your personal documents are always secure. Your personal documents include your birth certificate, bank account details, passport, credit cards, driving license, SSN, card receipts, financial statements and even utility bills. Periodically peruse your bank statements to check for any transactions that have occurred without your knowledge. Dispose of financial statements, card receipts and other personal documents with utmost care. Tear or cut into pieces any such documents before trashing them. Keep the authorities informed if you have lost any personal item. For example, report a stolen credit card. Raise an alarm if you receive a telephone call or letter saying you have been approved or denied credit for accounts you know nothing about, or you receive a credit card statement for an account that you never opened. While paying by credit card, never let it out of your sight. Raise an alarm if the card is being swiped more than required, or if it is being scanned. In case of a change in address, ensure to notify the correct address to all recipients who send you statements to your address. Check that the Internet connection you are using is secure. Look for the lock at the bottom or https (an‘s’ appended to ‘http’) in the address field of your browser. These indicate that the connection is a secure one Make sure that you have automatic updates / firewall turned on and regularly download the security patches if you are a windows user. All said and done, even after taking all the precautions in case there was a slight slip from your end and you’ve mistakenly disclosed your personal details then, to re-trace your steps you can approach the following methods: If you have given out bank related information, inform bank authorities to watch out for transactions and change all the related passwords to gain control over your bank account. If your driving license or any cards are stolen, then, contact the agencies that issued the documents and follow their procedures to cancel a document and get a replacement. Ask the agency to “flag” your file to keep anyone else from getting a license or another identification document in your name. Keep an eye on your regular statements or bills that you receive. A missing bill or statement could mean that the fraudster is making use of your personal information. Sharing and Caring The power of knowledge can defeat any fraud! If you know what is happening to you or people around you, you can surely combat it. Online guards strongly emphasize that phishing and other Internet related scams can be put to bed by educating the end-user and passing the information to your near and dear ones. If you care for your friends and family members’ security, please do share this information to increase public awareness. Let's make Internet a happier place to visit.
  24. Numerous online forms of investment fraud mimic frauds previously committed over the phone or through direct mail. The Internet have provided new opportunities for defrauders including the ability to easily construct and develop online advertising, bulletin boards, online newsletters, e-mail, chat and Websites. For this reason, investment fraud over the Internet has increased and the Security Exchange Commission and the Federal Bureau of Investigation are aggressively prosecuting these crimes. In 2006, of all of the types of Internet fraud, the number of complaints received by the FBI for investment fraud equal 1.3% of over 200,000 such complaints. This article explains the most popular form of Internet fraud used by criminals in the United States. The Federal Bureau of Investigation (“FBI”) now finds itself in a position of having to combat traditional fraud schemes that have been adapted to the Internet. These schemes, which generally prey on less sophisticated individuals, seek to exploit Internet users by adapting the same methodologies used in telemarketing and direct mail schemes. In response, the FBI has created a “watch list” which it posts regularly to its website and offers through an e-mail alert service that notifies the recipient when new schemes are detected and reported. The FBI has also entered into a partnership with the National White Collar Crime Center and has created the Internet Crime Complaint Center, known as IC3. This allows the FBI to track and classify various fraudulent activities occurring via the Internet as a means of deterrence and law enforcement. What are the elements of a pump and dump scheme? One common investment fraud committed on the Internet is the "pump and dump" scheme. In this scheme, the defrauder uses various means to get online investors to purchase stock of a shell corporation or thinly traded company, often a penny stock. Once the price of the stock is driven up due to greater artificially stimulated demand, the defrauders sell their stock, gaining profit. Thereafter, the unwitting investors lose their money when the stock price falls. Typically, the defrauders will pay stock promoters for their assistance in this fraud, in violation of the SEC (Security Exchange Commission) regulations. These stock promoters write favorably about the corporation on online investment Websites or other media. This information is then received favorably by potential investors, who assume that it is written by a professional offering an impartial opinion. Can the elements of the pump and dump scheme be applied to short selling stock? Similarly, in short-selling or scalping themes, a defrauder may use the opposite tactic to commence fraud. In short selling or "scalping" schemes, the defrauder puts out false information to devalue a particular company's stock. The defrauder then purchases the stock once the stock falls in value, only to sell it off when the stock returns to its correct price absent the presence of fraudulent information. How do defrauders use a pyramid scheme to commence fraud? Another type of fraud is the Internet pyramid scheme. Internet pyramid schemes are presented to a potential investor as opportunities for making money. The investor is prompted to make an initial investment and is promised large profits for recruiting others to the scheme. Pyramid schemes can involve chain letters or actual products. Unlike the other schemes discussed above, profit is not made directly from sale of a product or a security, but rather from the signing up of others to join into the scheme. Eventually, the supply of investors becomes depleted, and the scheme dissolves. A common form of pyramid scheme used on the Internet is the chain letter. In this scheme, a potential investor will be asked for a minimal investment to be returned many times over by sending out the chain letter to others. This type of fraud does not usually result in large financial losses, but can take up investor's time and space of their computer. A ponzi scheme is a type of pyramid scheme, where potential investors are presented with the opportunity to invest in stock, hedge funds and other investment structures, with a potential high percentage return on their investment. Yet, instead of investing the investor's money, the operator uses it to pay dividends to the initial investors. For a short time, the investor will see a return on their money as more "investors" send their money to the operator. Although, as the supply of investors dries up, the operator of the scheme will flee with "investors" money in tow. What are other scenarios of online investment fraud? Another scheme involves offers of risk free or law risk investment opportunities. These offers can be sent to potential investors using the various Internet tools available to the defrauder including but not limited to email, advertisements and newsletters. More often then not, the investment offered f risk free, do not even exist.
  25. In all online shops which accept credit card was added "Credit Card Fraud Detection service" (further CCFDs). It's task is to percent of possibility of fraud. It counts as named fraud score (FS) based on main factors of legity. For example if FS higher than 2,5 it's adviced to manager to hold order or claim a call. Factors of fraud: 1. E-mail Domain - they look provider of your e-mail (if it's free email provider like hotmail.com) 2. Geographic Source-IP A country which IP belongs to and a country you're entering in the shop must be the same. 3. ********* Proxy - if IP of customer in black list. 4 High Risk Country - for example Russia, Ukrain, Moldova, Belorussia, Columbia, Egypt, Indonesia, Livan, Macedonia 5. Distance - - distance between IP location and shipping address. 6. Bin Number Match - country of bank emited the card and country of IP (check by BIN). 9-Carder E-mail - if entered e-mail is in database of famous carders. 10-Open Proxy - check IP on public proxy 11-Spam - checking IP in spam blacklist And that's the formula for counting FS: FS = 2.5 * isFreeEmail + 2.5 * countryDoesntMatch + 5 * highRiskCountry + 10 * min(distance,5000) / maxEarthArc + 2 * binDoesntMatch + 5 * carderEmail + 2.5 * proxyScore + spamScore/3 maxEarth = 20037. P.S.: for example it was surprise for me that also they count distance from IP location and billing address.
×
×
  • Create New...