My Neteller hacked... be vigillant

[conker]

Hi guys, just a note to encourage all Neteller users to be vigillant as my account was hacked and I have no idea how these guys did this.

A Russian hacker transferred what I had in my account (around $400) to their account with a .ru email. During this process they also changed the email on my account. You might be wondering how I didn't spot this email change? Well, over the course of the last few days I have received an email dump of around 2000 emails, something that has never happened before and has since ceased as well. After a search in my email account today I found the email that alerted me to the email account change. This morning I noticed the suspicious transaction and alerted Neteller, they are now investigating.

I am super careful with all my Neteller ID'd passwords and secret questions, I don't follow links in emails to Neteller, I always type directly into the browser. So how these guys did this has baffled me. By the way, I am not suggesting anyone at this forum has anything to do with it, I just know that many people here use Neteller.

I will let you know what comes of the investigation.

See Related Threads:

• Demo Play Not The Same As Real
• Verification Drama Continues @ Casoola
• We Had a Problem Here At Insomniacs Lounge
• Crystal Palace Group Won't Pay My Winnings...
• Suspicious.Cloud.7.F

 

[hedgehok]

Hi guys, just a note to encourage all Neteller users to be vigillant as my account was hacked and I have no idea how these guys did this.

A Russian hacker transferred what I had in my account (around $400) to their account with a .ru email. During this process they also changed the email on my account. You might be wondering how I didn't spot this email change? Well, over the course of the last few days I have received an email dump of around 2000 emails, something that has never happened before and has since ceased as well. After a search in my email account today I found the email that alerted me to the email account change. This morning I noticed the suspicious transaction and alerted Neteller, they are now investigating.

I am super careful with all my Neteller ID'd passwords and secret questions, I don't follow links in emails to Neteller, I always type directly into the browser. So how these guys did this has baffled me. By the way, I am not suggesting anyone at this forum has anything to do with it, I just know that many people here use Neteller.

I will let you know what comes of the investigation.

Do you use similar/same passwords for casinos and Neteller?
Thank you for letting us know, very worrisome.

 

[Jono777]

Yes thank you, very worrying indeed

I do not have Neteller but do have Skrill which is virtually the same thing?

Sometimes I do have a decent amount which I leave in, keeps my bank statement clear and saves me going out for Paysafe vouchers when I fancy a flutter.

Will be using ATM the moment my withdrawals hit now or directly transferring to bank, even if it does take 2-3 days.

Thank you and good luck in getting your matter resolved in your favour!

 

[Casinomeister]

Ironically, I am disputing three charges to AT&T via Neteller. I haven't a clue for what these charges are for, and Neteller has been pretty dismal in clearing this up. Their VIP support is absolutely the worst I've dealt with. I'm about ready to PAB.

And like Conker, I'm pretty careful with my NT account.

 

[Nottsogreen]

They were hacked ...

According to Forbes article on 30/11, they admitted to losing details of 7M clients.. That was kept quiet !

You do not have permission to view link Log in or register now.

Id be changing security questions fairly quickly

Scarily, these attacks go back to 2009/10

You do not have permission to view link Log in or register now.

 

[conker]

Do you use similar/same passwords for casinos and Neteller?

No I don't and I generally use pretty strong passwords.

Ironically, just 4 or 5 days ago I did a full verification (holding passport up to webcam with their new security checks). They also just switched their site to a new look version.

Having read that article in Forbes, I can't believe Neteller were using a Joomla site - seriously! They must be taking payments in the millions every day and their using some open source CMS!!!

The Neteller attack involved an exploit of a vulnerability in the Joomla content management system, whilst the Moneybookers breach saw a virtual private network (VPN), designed to provide secure access to the firm’s network, hacked and a transaction database accessed.

 

[dave1888]

My password is pretty unique but I'll definitely tweek it and make it more complex with immediate effect! Thanks for the heads up.

Online Banking and regular banking hacking has been rife the last couple of years. I know several people who were hacked or have had funds syphoned. Frightening.

 

[neilw]

Neteller has a two factor authentication facility. If you haven't already I suggest switching this on to increase login security.

It will step you through the process, you need to install an app on your phone that will generate a unique code that you have to enter when you login. So even if your password does get compromised they won't be able to login without the code.

 

[Casinomeister]

I think my issue was from using my credit card in the wrong place. I used it in Italy in September, and then in October someone started paying their AT&T bills with it. Not much of a response from Neteller, by the way. Their email support is pretty bad.

 

[onkel]

I think my issue was from using my credit card in the wrong place. I used it in Italy in September, and then in October someone started paying their AT&T bills with it. Not much of a response from Neteller, by the way. Their email support is pretty bad.

At least you have to give the thief credit for spending the money on necessities, and not just go gambling it off or buy some stupid crap

 

[Harry_BKK]

I think my issue was from using my credit card in the wrong place. I used it in Italy in September, and then in October someone started paying their AT&T bills with it. Not much of a response from Neteller, by the way. Their email support is pretty bad.

Agree Bryan, their support is not the fastest. However, i had email contact with one guy once and he was fast and competent in his responses. I can send you his email address via PM if you want.

 

[09237653]

Scary stuff, do they not have a two step authentication you can set up to protect yourself better?

This is why I wont really touch these kind of services, at least with the bank or credit card if this kind of thing happens I'm much better protected, not that it has (touch wood)

 

[Jakestar]

Another thing worth noting; do you use Chrome and is your Neteller password saved in Chrome as in it auto fills and is stored in your saved password list within Chrome. If it is, it's worth knowing that your saved passwords are linked to your gmail account and can be synced to other computers with just your gmail login details. Onething to think about as gmail accounts are I believe are quite vunerable and probably quite easy for a hacker to hack / gain access to.

 

[LOOKAWAY]

I used my net card at Tescos online and was charged £3 or £5, to lazy to see if It was rejected or not wanting to see my Neteller history

 

[vinylweatherman]

I used my net card at Tescos online and was charged £3 or £5, to lazy to see if It was rejected or not wanting to see my Neteller history

You are not supposed to be getting charged at all for retail purchases, and Tesco does not charge for cards anyway, it's hardly Ryanair

 

[LOOKAWAY]

You are not supposed to be getting charged at all for retail purchases, and Tesco does not charge for cards anyway, it's hardly Ryanair

Thanks for letting me know, I thought it was one of those charges where it's taken and then given back for whatever reason this time. Normally an odd amount that you are asked about as verification. Or it stays pending never leaves account then is canceled. I will go back threw and see if it was ever canceled.

 

[vinylweatherman]

Thanks for letting me know, I thought it was one of those charges where it's taken and then given back for whatever reason this time. Normally an odd amount that you are asked about as verification. Or it stays pending never leaves account then is canceled. I will go back threw and see if it was ever canceled.

That's a possibility. Such charges never get seen on a regular card statement as they are never applied, but they may show on a Neteller statement. I have also found that these charges are quoted when a fraud trigger is set off and you have to confirm that you made the last 4 transactions or attempted transactions, the verification charges DO get read out then, but never show on the statement. I think for Tesco it's something like £2. Petrol pumps check for £99, but they tell you this.

 

[randomiam]

...

Im just wondering if the netella owners are going to mess skrill up there more fees already.

 

[LOOKAWAY]

Found a couple £2 fees both were declined.

I was hoping Skrill would change the name back to Money Bookers and would do a free net card.

 

[conker]

Having started this thread nearly 2 months ago I can now inform you that I have now finally been given access back to my account. During that time I was required to:

1. Send a photo of me holding my ID - Twice
2. Answer 10 security related questions
3. Generate a crime reference through Action Fraud (UK)

Certainly a case of guilty until proven innocent.

This industry needs more competition, especially now that the two biggest ewallets are owned by the same company.

 

[fun4all]

This industry needs more competition, especially now that the two biggest ewallets are owned by the same company.

Totally agree, Neteller buying Skrill was the worst thing ever for us punters

 

[Webzcas]

Just reading this now Conker. It could have been much much worse. Since about 18 months ago, I have not used Neteller and have no cards or accounts linked to my now 'defunct' Neteller Account. I also have removed my cards from Paypal.

Since day one of becoming an affiliate webmaster way back in 2004, I have always been worried about the security of ewallets. Funnily enough though I did have my bank card cloned after a trip to Gibraltar.

A total of £75 was used by way of small deposits at Gibraltar based casinos, the likes of which I never play at....

Bank refunded the money when realised I never deposit that small when playing online

 

[lockinlove]

In the last couple of months I kept getting emails (Unauthorized log in attempts) from skrill and paypal but I was busy so I didnt check my emails and discovered all these failed log in attempts at once. . So Im assuming someone has been trying to guess my password.

I called both paypal and skrill and they sent me an IP address from somewhere in the USA that keeps attempting to hack my accounts. Both of these merchants blocked my account and I asked they keep them blocked for now as I dont really use them.

Im concerned to say the least that someone is sitting there trying to figure out my passwords etc. I called my bank and make them aware and to please keep an eye on all accounts.

I dont click on links via email or anything like that.

So im wondering how they knew I had a skrill and paypal account and what email address to use


Here is one of the warnings I got from paypal

We noticed some unusual activity on your PayPal account on 11/01/2016 on 02:16 GMT-05:00 near Manassas US and are concerned about potential unauthorized account access.

 

[fun4all]

So im wondering how they knew I had a skrill and paypal account and what email address to use

Many online casinos/gambling sites/forums have been hacked right up till very recently. A substantial amount of the time they admit it, some of the time they don't. Neteller did not admit this one example of a hack until quite recently

You do not have permission to view link Log in or register now.

.

It is not something specific to gambling sites, even Sony's PSN and Apples cloud have been hacked. However when the hackers gain access to gambling sites they might not get your card cvc number but they do get your email address, neteller details, skrill email address etc. In some instances they can decrypt the password files. I have been emailed my own password before in plain text from an online casino as I am sure some others have. Security is not always up to much.

What these hackers then do armed with email addresses, neteller ID's and passwords for a site is go and try these details on skrill etc to see if the password is the same and they can get in and transfer your money. They also sell these details onto other hackers etc. It's horrendous but protect yourself. Get the secure token when you can and use unique passwords for anything where you keep money. Please don't believe any site which tells you they keep your details secure - its never secure from the cleverest of hackers.

 

[lockinlove]

Many online casinos/gambling sites/forums have been hacked right up till very recently. A substantial amount of the time they admit it, some of the time they don't. Neteller did not admit this one example of a hack until quite recently

You do not have permission to view link Log in or register now.

.

It is not something specific to gambling sites, even Sony's PSN and Apples cloud have been hacked. However when the hackers gain access to gambling sites they might not get your card cvc number but they do get your email address, neteller details, skrill email address etc. In some instances they can decrypt the password files. I have been emailed my own password before in plain text from an online casino as I am sure some others have. Security is not always up to much.

What these hackers then do armed with email addresses, neteller ID's and passwords for a site is go and try these details on skrill etc to see if the password is the same and they can get in and transfer your money. They also sell these details onto other hackers etc. It's horrendous but protect yourself. Get the secure token when you can and use unique passwords for anything where you keep money. Please don't believe any site which tells you they keep your details secure - its never secure from the cleverest of hackers.

I havent even used or logged into that skrill account in 5 years..and that paypal account I created but never used either. Last time I logged into that paypal account was a year ago atleast.

I used my skrill account for a few poker transactions 5ish years ago. And the paypal never made a transaction.

Any thoughts on why or how they are trying log in after all these years?