KK, use the Security Token?
xxhttp://www.moneybookers.com/vip/token/
In theory Token> no Hacked
OT Thanks Tonino for the info
Casinos
Casinos By Status
Popular Filters
By Banking Options
Games
All Games
Bonuses
Popular Bonus Filters
Forums
Popular Forums
Forum User Features
Complaints
Submit A Complaint (PAB)
PAB Rules and Guidelines
Browse PABs
Gambling News
Popular News Sections
MoneyBookers account hacked and emptied...
- Thread starter KasinoKing
- Start date
xxhttp://www.moneybookers.com/vip/token/
In theory Token> no Hacked
OT Thanks Tonino for the info
- Joined
- Aug 25, 2004
- Location
- Bexhill on sea, England
I'm not a VIP at MB - only at Neteller.KK, use the Security Token?
xxhttp://www.moneybookers.com/vip/token/
In theory Token> no Hacked
OT Thanks Tonino for the info
But I will ask about this "token" system if/when I get my €880 back...
KK
- Joined
- May 12, 2007
- Location
- NOT Pennsylvania!!!
Good luck KK hopefully it will get sorted for you.
playborne
Banned User
- Joined
- May 9, 2011
- Location
- British Virgin Islands
I can't believe! thnx god I've always preferred other payment services, but still, when such a big deal, security should be taken care of..
Hi KK,
Sounds like you may have gotten a keylogger or a rootkit.
Backup your important personal data to an external Hard Drive if you have one and reload your operating system to be sure. There are even some rootkits that are still present on the system even after a reformat. It is sometimes necessary to format the master boot record as well to completely clean it as they can hide there too.
You may also want to try Microsoft Security Essentials (free) as your antivirus if you don't want to go through a reformat. It works quite well.
A small bit of info from wiki on rootkits:
Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it. Detection methods include using an alternate, trusted operating system; behavioral-based methods; signature scanning; difference scanning; and memory dump analysis. Removal can be complicated or practically impossible, especially in cases where the rootkit resides in the kernel; reinstallation of the operating system may be the only alternative.
Sounds like you may have gotten a keylogger or a rootkit.
Backup your important personal data to an external Hard Drive if you have one and reload your operating system to be sure. There are even some rootkits that are still present on the system even after a reformat. It is sometimes necessary to format the master boot record as well to completely clean it as they can hide there too.
You may also want to try Microsoft Security Essentials (free) as your antivirus if you don't want to go through a reformat. It works quite well.
A small bit of info from wiki on rootkits:
Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it. Detection methods include using an alternate, trusted operating system; behavioral-based methods; signature scanning; difference scanning; and memory dump analysis. Removal can be complicated or practically impossible, especially in cases where the rootkit resides in the kernel; reinstallation of the operating system may be the only alternative.
FreeDomme
Banned User
- Joined
- Apr 17, 2011
- Location
- Way out west, way way out.
Great info. Whether you think you have a problem or not everyone who uses a Windows computer for anything important should set aside an afternoon and go to
You do not have permission to view link
Log in or register now.
. You might be surprised at what lurks.
- Joined
- Aug 25, 2004
- Location
- Bexhill on sea, England
Minor update:
I got a "questionnaire" from MB asking me to formally identify the transactions I didn't make, confirm other security details and declare that I wasn't careless with my password...
Anyway - sent it back today. Now I guess I just have to wait & see what happens...
KK
I got a "questionnaire" from MB asking me to formally identify the transactions I didn't make, confirm other security details and declare that I wasn't careless with my password...
Anyway - sent it back today. Now I guess I just have to wait & see what happens...
KK
Mousey
Ueber Meister Mouse
- Joined
- Sep 12, 2004
- Location
- Up$hitCreek
Minor update:
I got a "questionnaire" from MB asking me to formally identify the transactions I didn't make, confirm other security details and declare that I wasn't careless with my password...
Anyway - sent it back today. Now I guess I just have to wait & see what happens...
KK
Well, that's nice of them... a WEEK after it happened... **sigh**
Thanks for the update. Keep us posted.
And good luck!
- Joined
- Aug 25, 2004
- Location
- Bexhill on sea, England
I finally got an answer from MoneyBookers... FOUR MONTHS after my €880 was stolen.
(Remember, I reported the theft to them within 2-3 hours of it happening)
Dear Mr. Worthless Customer,
We apologize for the delay.
We have received confirmation from our business partner that the funds have been withdrawn and they have left the system. A refund would not be posible.
We thank you for your patience regarding this matter and apologize one more time.
Kind regards,
Moneybookers Security
And they are SERIOUS!!!
KK
(Remember, I reported the theft to them within 2-3 hours of it happening)
Dear Mr. Worthless Customer,
We apologize for the delay.
We have received confirmation from our business partner that the funds have been withdrawn and they have left the system. A refund would not be posible.
We thank you for your patience regarding this matter and apologize one more time.
Kind regards,
Moneybookers Security
And they are SERIOUS!!!
KK
jod5413
Is That Better?
- Joined
- Mar 6, 2007
- Location
- somewhere on the planet
Wow KK,that is certainly a shocker!! Do they not realize that theft on a Money Booker acc't. is their problem, not just yours? I am continually amazed at situations such as this. Totally unacceptable. I am so sorry that you can't seem to be able to get this fixed and your money returned to you.
Mousey
Ueber Meister Mouse
- Joined
- Sep 12, 2004
- Location
- Up$hitCreek
Well... could they not confirm that someone with a different IP or something logged into your account????
My gawd... do the hackers always win??
I'm so sorry KK. Can you push them for further info to find out how it left your account? Did the hacker use your computer? Have you found any sign of trojans/malware/keyloggers, etc.?
This must be so frustrating!!
I fear these online wallets for just this reason. There should be more responsibility for the safety of their customers' monies.
P.S. ... and where did that money GO?? They must have records? They should be able to tell you exactly where it went. And if it went to casinos, how did they make a deposit with an account that wasn't theirs?
My gawd... do the hackers always win??
I'm so sorry KK. Can you push them for further info to find out how it left your account? Did the hacker use your computer? Have you found any sign of trojans/malware/keyloggers, etc.?
This must be so frustrating!!
I fear these online wallets for just this reason. There should be more responsibility for the safety of their customers' monies.
P.S. ... and where did that money GO?? They must have records? They should be able to tell you exactly where it went. And if it went to casinos, how did they make a deposit with an account that wasn't theirs?
If I may ask, why didn't you call or contact them via live chat? ..and I'm not saying it's your fault for them being slow with the email.I finally got an answer from MoneyBookers... FOUR MONTHS after my €880 was stolen.
(Remember, I reported the theft to them within 2-3 hours of it happening)
Dear Mr. Worthless Customer,
We apologize for the delay.
We have received confirmation from our business partner that the funds have been withdrawn and they have left the system. A refund would not be posible.
We thank you for your patience regarding this matter and apologize one more time.
Kind regards,
Moneybookers Security
And they are SERIOUS!!!
KK
The live chat is well hidden but it is there: Link Removed ( Old/Invalid)
Nifty29
Dormant account
- Joined
- Jun 20, 2001
Are you serious?
I suggest you actually read the thread before you make ill-considered comments like that again.
The fact that you think it would have been better handled via live chat shows that you have failed to grasp the gravity of the situation.
vinylweatherman
You type well loads
- Joined
- Oct 14, 2004
- Location
- United Kingdom
So, it took them FOUR MONTHS to figure out the money had "left the system". It wouldn't even need an investigation to figure out it would barely take four DAYS for a determined fraudster to launder money through, and out the other end.
It seems that the hackers get away with such things because they act far more quickly than Moneybookers. Had the acted within the hour of it being reported, the money would still be IN the system, and easily recoverable.
Maybe they spent too much time working out how it was your fault, so when they realised it wasn't it was far too late to recover anything.
This simply teaches thieves that Moneybookers is an "easy target" to attack, and highly likely to be successful. This in turn leads to more attacks on the Moneybookers system, and even more victims. The lack of legal responsibilty these eWallets have for such incidents means they don't have to put too much effort into guarding against it, since it is the victim that ends up liable for the loss.
If Moneybookers were legally liable to cover losses down to hacks of their systems, they would make a much greater effort to make them secure, and would act quickly if a breach DID ocurr.
It's something the regulators need to address, since they must know by now that any business will look to get away with what it can, and allowing them to dodge legal responsibilty for something because they will cover it anyway for "good will" and/or "self regulation" is extremely naive, as NUMEROUS regulators and government bodies have discovered in the past.
It seems that the hackers get away with such things because they act far more quickly than Moneybookers. Had the acted within the hour of it being reported, the money would still be IN the system, and easily recoverable.
Maybe they spent too much time working out how it was your fault, so when they realised it wasn't it was far too late to recover anything.
This simply teaches thieves that Moneybookers is an "easy target" to attack, and highly likely to be successful. This in turn leads to more attacks on the Moneybookers system, and even more victims. The lack of legal responsibilty these eWallets have for such incidents means they don't have to put too much effort into guarding against it, since it is the victim that ends up liable for the loss.
If Moneybookers were legally liable to cover losses down to hacks of their systems, they would make a much greater effort to make them secure, and would act quickly if a breach DID ocurr.
It's something the regulators need to address, since they must know by now that any business will look to get away with what it can, and allowing them to dodge legal responsibilty for something because they will cover it anyway for "good will" and/or "self regulation" is extremely naive, as NUMEROUS regulators and government bodies have discovered in the past.
I didn't say it would've been handled any better, probably just faster especially if he had called them.
He actually did call them (https://www.casinomeister.com/forums/threads/moneybookers-account-hacked-and-emptied.43986/)
You only need to hack someones email used at MB and use the PW retrieval option. Same goes for Neteller.
Last edited:
- Joined
- Aug 25, 2004
- Location
- Bexhill on sea, England
As per post #17 of this thread:
I'm afraid my knowledge has not improved since then - i.e. I still don't know the answers to any of those questions.I've no idea how it happened.
I don't know anything about "password crackers" - how do they work?
My password was definitely not obvious - no-one could ever guess it.
And no, definitely no dodgy casinos for me!
I spoke to them on the phone straight away and I had to change my password & e-mails on the account - closing the door after the horse has bolted...
I guess it might be a day or two before I hear the final outcome. I don't know - this hasn't happened to me before.
It didn't go to a bank account - it's either gone direct to another MB member, or to a dodgy looking Russian casino; the e-mail it went to was rushplaynv @ googlemail.com.
There is a casino at rushplay.com - but because it's a Google e-mail it might not be anything to do with them. Who knows?
KK
If you use "Password retrieval" don't they give you a new temporary password?
And wouldn't I have got that password to my own e-mail in-box?
I have no idea how hackers work, all I can say is that after the theft I was still able to log-in with my original e-mail & password - so I do know that they didn't change those details on my account.
I have obviously written back to MB asking for this to be escalated higher, and also to the FSA to see if they can offer any help.
All I can do now is cross my fingers.
KK
As per post #17 of this thread:
I'm afraid my knowledge has not improved since then - i.e. I still don't know the answers to any of those questions.
If you use "Password retrieval" don't they give you a new temporary password?
And wouldn't I have got that password to my own e-mail in-box?
I have no idea how hackers work, all I can say is that after the theft I was still able to log-in with my original e-mail & password - so I do know that they didn't change those details on my account.
I have obviously written back to MB asking for this to be escalated higher, and also to the FSA to see if they can offer any help.
All I can do now is cross my fingers.
KK
Totally missed that point. Usually its just emails that are hacked.
Its years since I used MB and just checked the PW retrieval process.
kk when u send money to another email via mb dont you need your date of birth also , so they got your email , password and date of birth ?
@asghan you would probably be safer but nothing is 100 % these days , i wouldnt leave big amounts of funds that you couldnt afford to lose sitting anywhere
@asghan you would probably be safer but nothing is 100 % these days , i wouldnt leave big amounts of funds that you couldnt afford to lose sitting anywhere
Mousey
Ueber Meister Mouse
- Joined
- Sep 12, 2004
- Location
- Up$hitCreek
As per post #17 of this thread:
I'm afraid my knowledge has not improved since then - i.e. I still don't know the answers to any of those questions.
If you use "Password retrieval" don't they give you a new temporary password?
And wouldn't I have got that password to my own e-mail in-box?
I have no idea how hackers work, all I can say is that after the theft I was still able to log-in with my original e-mail & password - so I do know that they didn't change those details on my account.
I have obviously written back to MB asking for this to be escalated higher, and also to the FSA to see if they can offer any help.
All I can do now is cross my fingers.
KK
I'm sorry KK, I didn't mean to interrogate you. It's just that most of those questions should and could be answered by MB. They know (or should know) if the activity initiated from your computer (usually from a botnet via malware installed on your computer), or from a different IP location. Same with the other stuff... *sigh* I'm just so sorry they're not helping, and it horrifies me that these type hacks seem to be escalating.
And ewallets want us to leave money in our accounts??
I wish you luck with this. Plese let us know if you hear anything further.
vinylweatherman
You type well loads
- Joined
- Oct 14, 2004
- Location
- United Kingdom
The information needed differs depending on how the hackers work.
To log in to the eWallet and "push" the money out requires all the login information. This can be taken by using a keylogger or similar piece of spyware on the account holder's computer. Hacking the email address can be done by compromising the security of the ISP hosting the email server. It does not necessarily require the user to have been careless. The third way is by setting up an account at a merchant (casino), and "pulling" the money in via a deposit. It seems that casinos tend to check for irregularities upon withdrawal of winnings, so this gives an opportunity for a fraudster to bring the money in and find another way of moving it through the merchant's system other than withdrawing it. With poker, this is often done using a "chipdump" to a receiving account, and hoping it is not obvious enough for the poker operator to spot it before the money leaves the receiving account. It can also be done with a casino, but it is harder and can only move smaller amounts of money. The Microgaming MPV "sit & go" tournaments are the simplest way to approach this, but this would quickly get spotted if larger amounts were involved because these events get relatively little action, and a sudden increase (especially from the same 5 players) would be quickly noticed.
It's possible that the hacker removed the money before figuring out how to get it out, and ended up playing it away instead of benefiting from it.
It seems rather odd, given the close level of cooperation seen between Moneybookers and casinos when it comes to confiscating winnings already paid out, but subsequently recalled due to "bonus abuse", and the sharing of quite detailed inter player transaction history between Moneybookers and casinos, that it took them four MONTHS to track this money through these same merchants and discover that it was too late to retrieve it.
The only option now would be to take Moneybookers to court and show that the loss was due to their negligence in some way, and that they could reasonably have prevented the fraudsters getting away with the money. I am not sure the FSA will be any better than the LGA in this respect, although a complaint to the Financial Ombudsman might carry more weight as a prelude to any court action.
Moneybookers would be forced to turn up and show the court proof that it did all it reasonably could to prevent the fraud, and they may decide to cough up the €880 rather than have their actions examined under the spotlight of a court case. Losing such a case would also set a precedent that could trigger further claims from others who have had their accounts hacked.
To log in to the eWallet and "push" the money out requires all the login information. This can be taken by using a keylogger or similar piece of spyware on the account holder's computer. Hacking the email address can be done by compromising the security of the ISP hosting the email server. It does not necessarily require the user to have been careless. The third way is by setting up an account at a merchant (casino), and "pulling" the money in via a deposit. It seems that casinos tend to check for irregularities upon withdrawal of winnings, so this gives an opportunity for a fraudster to bring the money in and find another way of moving it through the merchant's system other than withdrawing it. With poker, this is often done using a "chipdump" to a receiving account, and hoping it is not obvious enough for the poker operator to spot it before the money leaves the receiving account. It can also be done with a casino, but it is harder and can only move smaller amounts of money. The Microgaming MPV "sit & go" tournaments are the simplest way to approach this, but this would quickly get spotted if larger amounts were involved because these events get relatively little action, and a sudden increase (especially from the same 5 players) would be quickly noticed.
It's possible that the hacker removed the money before figuring out how to get it out, and ended up playing it away instead of benefiting from it.
It seems rather odd, given the close level of cooperation seen between Moneybookers and casinos when it comes to confiscating winnings already paid out, but subsequently recalled due to "bonus abuse", and the sharing of quite detailed inter player transaction history between Moneybookers and casinos, that it took them four MONTHS to track this money through these same merchants and discover that it was too late to retrieve it.
The only option now would be to take Moneybookers to court and show that the loss was due to their negligence in some way, and that they could reasonably have prevented the fraudsters getting away with the money. I am not sure the FSA will be any better than the LGA in this respect, although a complaint to the Financial Ombudsman might carry more weight as a prelude to any court action.
Moneybookers would be forced to turn up and show the court proof that it did all it reasonably could to prevent the fraud, and they may decide to cough up the €880 rather than have their actions examined under the spotlight of a court case. Losing such a case would also set a precedent that could trigger further claims from others who have had their accounts hacked.
GrandMaster
Dormant account
- Joined
- Jan 21, 2004
- Location
- UK
The FSA don't deal with individual complaints. Check with the Financial Ombudsman Service if they deal with Moneybookers (it is a FSA authorised e-money issuer). If you file a complaint with the FOS, it won't cost you a penny, but it will cost Moneybookers almost as much as if it had just reimbursed you.As per post #17 of this thread:
I'm afraid my knowledge has not improved since then - i.e. I still don't know the answers to any of those questions.
If you use "Password retrieval" don't they give you a new temporary password?
And wouldn't I have got that password to my own e-mail in-box?
I have no idea how hackers work, all I can say is that after the theft I was still able to log-in with my original e-mail & password - so I do know that they didn't change those details on my account.
I have obviously written back to MB asking for this to be escalated higher, and also to the FSA to see if they can offer any help.
All I can do now is cross my fingers.
KK
- Joined
- Jun 5, 2006
- Location
- Edmonton Canada
I use MB for the convenience but I have to say that they have the worse customer service on the planet. They lost some funds of mine when I was withdrawing to my bank, I sent an email and got a 'we're looking into it, you'll hear from us in a couple days' mail, then I never heard anything else. I finally called them (on my dime) and after keeping me on hold for 15 minutes they said they couldn't help me and that I'd just have to wait. Eventually the money just showed up in my bank but never did receive a mail back from them or any response at all after that first one. 
Their response to you totally sucks KK, there has to be someone you can turn to.
Their response to you totally sucks KK, there has to be someone you can turn to.
- Joined
- May 12, 2007
- Location
- NOT Pennsylvania!!!
Don't worry as the security tokens generate a unique code for each transaction.
Unlucky KK
.If you deposit like €5k a month they will make you a VIP and send the security token for nothing. Otherwise it is £15. I actually bought one for £15 and am very pleased with it as it makes the system foolproof afaik.
Similar threads
Users who are viewing this thread
-
REGISTER NOW!! Why? Because you can't do diddly squat without having been registered!
At the moment you have limited access to view most discussions: you can't make contact with thousands of fellow players, affiliates, casino reps, and all sorts of other riff-raff.
Registration is fast, simple and absolutely free so please, join Casinomeister here!