Unauthorized NetellerInstacash deposits >$5000!!

indicka

Dormant account
Joined
Sep 28, 2006
Location
bright side of the road
Be careful everyone! Dont be an victim like me.

Last night, I received a series of confirmation emails from Neteller that shook me up a bit. :eek:

You have made a successful instaCASH deposit for $2,912.00.

'When did I do that,' I thought to myself. :confused:

The next four emails confirmed successful credit card deposits totallng over $2000.

'WTF is going on here?' I said to my cat. :eek2:

The last 5 emails reported unsuccessful credit card deposits...deposits were declined.

All this happened within an hour span as I was eating dinner. After every successful deposit into my Neteller account, these thieves immediately transfered the funds to another Neteller merchant in Euros. Im in California, USA. Up until last night my account didnt even know what a Euro was.

I called my bank and Neteller and reported this to them immediately. The Neteller agent informed me that according to what he can see, those transactions were made from my computer! :mad:
Neteller closed my account and told me to email their investigations department and to wait for their response.

Not taking any more chances for now. This morning I closed my bank account.

My point, which cant be said enough, is monitor your account activity regularly and carefully!...I put my guards down for a little and was knocked with this crap!
 

winbig

Keep winning this amount.
Joined
Mar 10, 2005
Location
Pennsylvania
I would scan for spyware/malware/trojans ASAP.

If you find anything, KEEP THE LOGS, and even take screenshots, if possible. That way you can prove to Neteller and your Bank that your computer was definitely not under your control when those deposits were made/attempted.

Afterwards, I would even suggest backing up everything you need, formatting and reinstalling everything just to make sure.


*Disclaimer* Only do it if you're comfortable with doing so :p

...why everyone doesn't have a firewall installed is beyond me....
 

indicka

Dormant account
Joined
Sep 28, 2006
Location
bright side of the road
I would scan for spyware/malware/trojans ASAP.

If you find anything, KEEP THE LOGS, and even take screenshots, if possible. That way you can prove to Neteller and your Bank that your computer was definitely not under your control when those deposits were made/attempted.

....

Yes I try to keep keep logs of all activity to the best of my abilities.

I believe Neteller knows what is going on here. If anything, Neteller should prove to me I made those deposits! This just another case of guilty until proven less gulity.
 

winbig

Keep winning this amount.
Joined
Mar 10, 2005
Location
Pennsylvania
Yes I try to keep keep logs of all activity to the best of my abilities.

I believe Neteller knows what is going on here. If anything, Neteller should prove to me I made those deposits! This just another case of guilty until proven less gulity.

Yea...I think keeping a 'paper trail' would benefit you more with your bank than Neteller, if anything.
 

vinylweatherman

You type well loads
Joined
Oct 14, 2004
Location
United Kingdom
Phishing

If no trojans are spotted, it is just possible that Phishing attempts may have succeeded in the past. Once the thieves have the 6 digit number and password, this crime is easy to carry out, and it can be done really quickly!
The fact that it was so easy for the thieves to both steal the money, and "launder" it to another account will not help those poor Neteller founders recently arrested. While they can't be blamed for allowing the funding, surely they should have some sort of hold before a transfer can be made to another Neteller Member rather than a player's own casino account, where the money is at least safe unless the thieves gamble it away.
If the amount of these transactions is totally beyond the norm, their systems should have kicked in straight away, and if the money is still in the Neteller system they should be able to lock the receiving account and recover the money back to the original credit cards.
 

winbig

Keep winning this amount.
Joined
Mar 10, 2005
Location
Pennsylvania
If no trojans are spotted, it is just possible that Phishing attempts may have succeeded in the past. Once the thieves have the 6 digit number and password, this crime is easy to carry out, and it can be done really quickly!

That would be possible, but Neteller did say it came from their computer...

As far as the money still being in their system, it's not. It was transferred to another merchant...
 

indicka

Dormant account
Joined
Sep 28, 2006
Location
bright side of the road
If no trojans are spotted, it is just possible that Phishing attempts may have succeeded in the past. Once the thieves have the 6 digit number and password, this crime is easy to carry out, and it can be done really quickly!
The fact that it was so easy for the thieves to both steal the money, and "launder" it to another account will not help those poor Neteller founders recently arrested. While they can't be blamed for allowing the funding, surely they should have some sort of hold before a transfer can be made to another Neteller Member rather than a player's own casino account, where the money is at least safe unless the thieves gamble it away.
If the amount of these transactions is totally beyond the norm, their systems should have kicked in straight away, and if the money is still in the Neteller system they should be able to lock the receiving account and recover the money back to the original credit cards.

This occured less than 18 hours ago. I was able to close my bank account before money was taken out of my account..(instacash is not really immediately like they say)

Yes, these transactions are totoally out of norm. I've made hundreds of InstaCash deposits...and never have I made any deposits over $75...not once...and my deposits have always been whole dollars. These unauthorized transactions were all USD with change, but when transfered to another merchant, they all turn out to be whole numbers in Euros..hmm?

I'm surprised Neteller even allowed for them to attempt 5 unsuccessful credit card deposits, one minute after another.
 

vinylweatherman

You type well loads
Joined
Oct 14, 2004
Location
United Kingdom
System

That would be possible, but Neteller did say it came from their computer...

As far as the money still being in their system, it's not. It was transferred to another merchant...

It will be in the other merchant's NETELLER account, and it isn't that easy to get money out of Neteller as fast as it can be put in. If Neteller were alerted early, which seems the case, they should have locked ALL accounts in this chain, including the merchant. The fact that a merchant is involved says nothing for the vetting procedures employed by Neteller when deciding if a company is really a proper business or a scam. The FBI will have a field day when they hear about the speed with which the thieves were able to remove the money from the entire system, and for a very substantial amount that could fund some serious criminal activity.

If Neteller say this was done from the user's computer, two questions? 1) was it actually switched on at the time this took place? 2) Was it connected to the internet during this time. If both these are true, this points to a trojan application executing commands from a remote computer through a port. There are some defined ports through which Windows will accept input as though coming from the user's keyboard. A trojan module has to be in place to open the port and feed the comands through, while at the same time ensuring nothing looks out of place to anyone using the PC. They could have got the initial account data from Phishing, including the MAC of the PC as well as the IP address, or they could have inserted a keylogger or screen logger through a malware application. Download any GFED casinos recently?:D

A complete reinstallation is a good move, however inconvenient, and do not allow the PC near the internet till this has been done in case further information is compromised.
I would really like to see more openness from Neteller in telling us how these thieves got away with this, enough at least for us to know the vulnerabilities that we ourselves may have left open for them, and how we should close them.
 

Slotster!

I predict a riot.
Joined
Oct 17, 2004
Location
Location, Location!
'WTF is going on here?' I said to my cat. :eek2:

Classic :lolup:

I too would like to know if you were actually sat at your computer at the time (in fact you must've been to see the confirmation emails) - and on what basis have Neteller decided they were made "from your computer"?

Like others have said, sounds more like the info obtained elsewhere - logged in and away they go. I don't really understand how they can ever profit from this though without being instantly traced in terms of how the money eventually 'leaves' Neteller...

I hope the thieves aren't looking to go anywhere anytime soon mind... It took them seven days to accept a few hundred quid deposit off me! :rolleyes:
 

amatrine

Crazy Cat Lady
Joined
Jul 3, 2002
Location
Arizona City, Az
Re

I had this happen from a keylogger from my neteller. Neteller held me repsonsiable for the funds. To this day I get collection calls, and refuse to pay for it, though I know they got more money from me than what was stollen in affilate payments that to this day get deposited into neteller I cant claim.( despite numerous attempts at contacting thiese affilates and telling them I cant accept neteller, another matter) They also said it was from my computer. It wasnt.

I did find a virus when I scanned the computer and removed it, and closed and changed all my accounts, ( ebay, paypal, bank cards)

Was a pain, but now I scan this thing every day. Lesson learned.
I also have a young daughter who plays games on this computer and when she does I pick up all kinds of spywayre etc, so probably how it got here in the first place.

Ama
 

REOdeathwagon

Dormant account
Joined
Mar 31, 2006
Location
arizona
It is possible to shut off Instacash from your NETeller account, though not easy.

Mine had to be confirmed over the phone. They would not do it online. Which probably will be very difficult at this time, in light of the recent developments.


REOdeathwagon
 

vinylweatherman

You type well loads
Joined
Oct 14, 2004
Location
United Kingdom
Funny

Strange how legitimate transactions seem to suffer endless delays and security issues, plus the usual "red tape", yet in the two cases where thieves stole money they were in & out in no time, moved thousands in one case, yet Neteller security saw no reason to invoke the annoying "security procedures".

As for amatrine, Neteller are only entitled to seize the amout in dispute, if affiliate payments have more than covered this, the excess is payable over to amatrine.
Banks don't normally pursue victims of fraud, they claim they knew what they were doing and should have taken precautions. Now - guess who is the victim now, of over zealous FBI officials making two FORMER Neteller execs carry the can for the sh1T that only really hit the fan last year, with current Neteller execs wondering if the FBI will find a way to get hold of them too!

I can just imagine,

Exec = "It wasn't me, I am not even WITH Neteller anymore"

FBI = "Well, the transactions took place through YOUR company, so it must have been YOU that allowed it!":rolleyes:
 

amatrine

Crazy Cat Lady
Joined
Jul 3, 2002
Location
Arizona City, Az
FBI = "Well, the transactions took place through YOUR company, so it must have been YOU that allowed it!":rolleyes:


Lol, Kinda ironic.

As far as neteller, I think they keep adding interest to what the amount was.
I dont know. All I know is they keep accepting the money, and keep calling me looking for money,lol I just wish I would have read under the terms when I signed up that they are not respnsable for fraud. They pointed that out to me. I think all ewallets including paypal are that way.
 

vinylweatherman

You type well loads
Joined
Oct 14, 2004
Location
United Kingdom
Responsible

Lol, Kinda ironic.

As far as neteller, I think they keep adding interest to what the amount was.
I dont know. All I know is they keep accepting the money, and keep calling me looking for money,lol I just wish I would have read under the terms when I signed up that they are not respnsable for fraud. They pointed that out to me. I think all ewallets including paypal are that way.

It doesn't follow that YOU are responsible either. I am not sure how fraud could end up with you owing money to Neteller anyway, because Neteller is not supposed to give credit. If it did, it would only be on an unsecured basis, which means they may keep asking for money, but there is nothing they can do to make you pay other than confiscate payments that wander into the account, which they seem to be doing. If they were negligent in allowing the fraud to take place, they could be countersued, although it would have to be in the Isle of Man or English courts.

There is now growing mistrust of online secure services because these frauds are now so sophisticated that even the experts are being caught out on occasion as software products, and Windows itself, have loopholes that are exploited to the full.

The reputable company SONY were reprimanded for installing serious malware as part of their copy protection. The malware was in such a form that security software could not detect & remove it, and it lead to the possibility of introducing a vulnerability that hackers could exploit once they had disassembled the SONY software.

Here in the UK, Neteller deposits are only protected up to 1000, and not the 30,000 plus that would be the case were it a proper bank.
 

indicka

Dormant account
Joined
Sep 28, 2006
Location
bright side of the road
If Neteller say this was done from the user's computer, two questions? 1) was it actually switched on at the time this took place? 2) Was it connected to the internet during this time. If both these are true, this points to a trojan application executing commands from a remote computer through a port. There are some defined ports through which Windows will accept input as though coming from the user's keyboard. A trojan module has to be in place to open the port and feed the comands through, while at the same time ensuring nothing looks out of place to anyone using the PC. They could have got the initial account data from Phishing, including the MAC of the PC as well as the IP address, or they could have inserted a keylogger or screen logger through a malware application. Download any GFED casinos recently?:D
.

I do not know much about trojans, phishing, keyloggers and what not...I havent the faintest idea of how these things operate...however, I have learned these terms are associated with activities that mama would frown upon.

Here are more details for the Sherlocke Holmes out there. My computer was on. I usually leave it on all the time (now I'm thinking twice about that). I leave it on for work..lots of emails and eFaxes for me.
I was not logged into any casinos or Neteller when I went downstairs to eat dinner. After about 2 hours, I returned to my computer and checked my emails..this is when I noticed the shiet hit my fan.

I do believe this activity was going on at the same as I noticed it. But I'm not 100% sure. I remember seeing 4 declined credit card deposits, then after investigating opening some emails, the page refreshed with 5 declined credit card deposits.

To further investigate, I went to Neteller's site to sign in...I typed in www.neteller.com in the address bar and received 2 sign-on pages (another window opened up on top of the first). It reminded me of when I accidentally double click on a link causing two windows to pop up with the same content. But these two windows were not the same! I didnt realize this until after a few minutes. I signed into my Neteller account with the page on top. Minutes later, that window froze, and I couldnt navigate through my account. Thats when I cursed at the screen a little and decided to sign in again...thinking it was just something insignificant..some minor snag somewhere. I was wrong. When I brought up the sign-on page that was underneath the frozen page on top, thats when I realized the picture was different. I'm talking about the picture to the left of your account number and password. I dont remember exactly what the pictures were..but I do know they were completely different. Does Neteller have more than one version of their sign-on page running at any given time frame? Should everyone see the same picture when signing in at any given time? Another thing worth mentioning, what I do recall while signing in the first time was a thin bar across the top of the page that kept on flickering.

vinylweatherman- You are dam good with your diagnostics! You sure you have nothing to do with this? After reading your thoughts of suspects, I checked my Virus Vault and found a Trojan Virus that was caught on 1/13/2007. I didn't know it was a Trojan until now. I do rememeber the software detected a 'threat.' But, just like other times, I didn't think much of it after the software 'healed' the situation. Perhaps, this was when my info was somehow accessed? For the past couple days, up until last night, my computer would freeze up and the only option I had was to reboot by turning off the machine via the Power Button. I hate turning off the computer like that...it makes me think of a person going to sleep by having a someone else smash a glass bottle on their head. In retrospect, I should have been more careful in interpreting my computer's symptoms..perhaps I couldve prevented this.....live and learn...I just always seem to learn the hard way.

There are differences in the confirmation emails I received for those unauthorized deposits compared to those emails I received in the past when making an InstaCash deposit.
Confirmation of an InstaCash deposit always came from NETELLER 'Customer Service <[email protected]>'...this time they were from '[email protected] <[email protected]>'. There is usually an InstaCash transaction time stated in the email, which was always approx. 3 hours ahead of my time or gmail's time of receiving the email.
This bogus InstaCash transaction didnt even have a time stated in the body of the message! However, the emails for those unauthorized credit card deposits and transfer of funds to another merchant did have transaction times stated. The time in the body of these emails compared to the time stated in the 'Show Details' section at the top of the email (for gmail, this is the section where you can click Hide/ Show Details) did not have that 3 hour difference that I'm use to seeing. This top section is suppose to reflect Gmail's time, time of receiving that email, or my time, but did not, as it was altered. Gmail's real time is revealed when you place curser over the date at the top right of the email...and this time should be the same as time shown if you clicked on 'Show Details.' But these bogus emails had time differences in these two sections..(I think this is very smart on googles part, to have another check point). OK enough of this...too much time talking about time.
There are other noticeable differences. If anyone is interested, just let me know, and I'll prepare some pictures of these emails to be uploaded here.

My whole point in all this is to remind everyone to Be Super Careful with your wallet because there are always those friggin-A-holes scheming to pick your pocket. When your having fun, its easy to forget how many of these jerks are around.
 

Addisyn

Dormant account
Joined
Oct 4, 2006
Location
Underground Sewer Access
If you haven't already pick up the phone and call Neteller's security department. They were good to me when I simply suspected some wrong doing with my account.

Hope all gets resolved! That money should be very easy for Neteller to trace since I am still waiting for legitimate Instacash withdrawals and deposits to clear my checking account after 5 business days and counting.

Obtain the NT numbers on all the transactions from Neteller, ask them what merchants were involved, and of course do all the documenting suggested here by other posters. Good luck. This sort of thing is such a pain!

Someone stole my eBay account and sent emails to people for a day. Got that under control real fast. Then someone fooled with my PayPal account. I closed it and didn't reopen another one for over a year.

We also bought a shredder and shred anything that has our SS#'s, name, address, bank info, etc. Basically all our snail mail. Makes for good packing material.

I, too, scan for malware everyday without exception. It is scary the junk that gets through. Lately I changed my virus software and am getting a much better result.
 

indicka

Dormant account
Joined
Sep 28, 2006
Location
bright side of the road
Classic :lolup:

I too would like to know if you were actually sat at your computer at the time (in fact you must've been to see the confirmation emails) - and on what basis have Neteller decided they were made "from your computer"?

I didnt bother asking how they decided or concluded that these were made from my computer. I know for sure that they know that my cat knows that they know I didn't do it...I think you know what I mean.

I don't really understand how they can ever profit from this though without being instantly traced in terms of how the money eventually 'leaves' Neteller...

I hope the thieves aren't looking to go anywhere anytime soon mind... It took them seven days to accept a few hundred quid deposit off me! :rolleyes:

Exactly! Theres something really shady about all this. How can these guys split without a trace? For me, Neteller will not allow any withdrawals if the amount is equal to or below all EFT's that have not yet cleared. I've had InstaCash transactions that were posted in my bank account, with money already deducted from my account, for up to a weeks time, and yet these charges continued to be 'Pending' according to Neteller..so, sorry kiddo, you know the rules, no money out of here until those charges clear with our system...when in reality those charges cleared days ago...and I'm talking about withdrawals of a couple hundred or less...like pulling teeth. How is it that this time, an InstaCash deposit in the thousands, can be moved out of my account within a minute..without a trace...Again, I ask my cat, 'WTF is this goin on here?'
..Whatever you say Neteller, keep distracting from the truth with 'those transactions were made from your computer.' Blow me.
I was told to report this incidence to their investigations team via email. I did exactly as instructed...over 24 hours ago...still have not heard back from them...they should at least reply once, if not to acknowledge my existance, then to pretend to care about their own customers...
Proper businesses that directly deal with peoples' money would not keep their customers hanging like this..
Yep, it came from my computer alright. :rolleyes:
 

indicka

Dormant account
Joined
Sep 28, 2006
Location
bright side of the road
Maybe the cat did it?

BUSTED!

LOL! The cat is always the usual suspect. After hours of interrogation and not a trace of paw prints anywhere, I had to let him go.
I looked him straight in his eye.. and not a single quiver of guilt shown.. unbreakable poker face...
 

GrandMaster

Dormant account
Joined
Jan 21, 2004
Location
UK
I would scan for spyware/malware/trojans ASAP.

If you find anything, KEEP THE LOGS, and even take screenshots, if possible. That way you can prove to Neteller and your Bank that your computer was definitely not under your control when those deposits were made/attempted.

Afterwards, I would even suggest backing up everything you need, formatting and reinstalling everything just to make sure.


*Disclaimer* Only do it if you're comfortable with doing so :p

...why everyone doesn't have a firewall installed is beyond me....
I would get a live Linux CD like Old / Expired Link or
You do not have permission to view link Log in or register now.
, boot the computer into Linux and save all the data. After such a major security breach the computer will have to be reformatted and everything reinstalled from scratch, but at the moment I would leave it in case there is some evidence on the computer that might be useful, for example, a trojan horse. In the meanwhile, I would use another computer if possible, or boot off a Linux CD.

This occured less than 18 hours ago. I was able to close my bank account before money was taken out of my account..(instacash is not really immediately like they say)

Yes, these transactions are totoally out of norm. I've made hundreds of InstaCash deposits...and never have I made any deposits over $75...not once...and my deposits have always been whole dollars. These unauthorized transactions were all USD with change, but when transfered to another merchant, they all turn out to be whole numbers in Euros..hmm?

I'm surprised Neteller even allowed for them to attempt 5 unsuccessful credit card deposits, one minute after another.
Indeed, at other times perfectly innocent transactions set off the alarms, my account got locked for receiving about $800 from a casino.

It will be in the other merchant's NETELLER account, and it isn't that easy to get money out of Neteller as fast as it can be put in. If Neteller were alerted early, which seems the case, they should have locked ALL accounts in this chain, including the merchant. The fact that a merchant is involved says nothing for the vetting procedures employed by Neteller when deciding if a company is really a proper business or a scam. The FBI will have a field day when they hear about the speed with which the thieves were able to remove the money from the entire system, and for a very substantial amount that could fund some serious criminal activity.

If Neteller say this was done from the user's computer, two questions? 1) was it actually switched on at the time this took place? 2) Was it connected to the internet during this time. If both these are true, this points to a trojan application executing commands from a remote computer through a port. There are some defined ports through which Windows will accept input as though coming from the user's keyboard. A trojan module has to be in place to open the port and feed the comands through, while at the same time ensuring nothing looks out of place to anyone using the PC. They could have got the initial account data from Phishing, including the MAC of the PC as well as the IP address, or they could have inserted a keylogger or screen logger through a malware application. Download any GFED casinos recently?:D
It certainly looks like a remote access trojan or an insecure wireless router.

A complete reinstallation is a good move, however inconvenient, and do not allow the PC near the internet till this has been done in case further information is compromised.
I would really like to see more openness from Neteller in telling us how these thieves got away with this, enough at least for us to know the vulnerabilities that we ourselves may have left open for them, and how we should close them.
It should be traceable which casino the money went to. After that it depends on the casino's co-operation.

I had this happen from a keylogger from my neteller. Neteller held me repsonsiable for the funds. To this day I get collection calls, and refuse to pay for it, though I know they got more money from me than what was stollen in affilate payments that to this day get deposited into neteller I cant claim.( despite numerous attempts at contacting thiese affilates and telling them I cant accept neteller, another matter) They also said it was from my computer. It wasnt.

I did find a virus when I scanned the computer and removed it, and closed and changed all my accounts, ( ebay, paypal, bank cards)

Was a pain, but now I scan this thing every day. Lesson learned.
I also have a young daughter who plays games on this computer and when she does I pick up all kinds of spywayre etc, so probably how it got here in the first place.

Ama
Install Spybot Search & Destroy with resident Teatimer. It will stop a lot of spyware and other junk from installing or running on your computer. You should also create an account with restricted rights for your daughter, if you have not done so already, so that she can do less damage. Or use Linux.
 

Slotster!

I predict a riot.
Joined
Oct 17, 2004
Location
Location, Location!
If the cat wanders in sporting a new platinum and diamond encrusted collar, sipping champagne from his bowl - with a foxy female kitten hanging off each paw - I'd start asking questions...
 

amatrine

Crazy Cat Lady
Joined
Jul 3, 2002
Location
Arizona City, Az
Re

Rule number 12 on neteller website: 12.2 It is your responsibility to keep your Account identification, secure identification, password, security questions and answers and other information specific to your Account confidential and in a safe and secure place. This includes ensuring the ongoing security of your log-in details on your personal computer device for accessing the Internet. Should another person gain access to your Account by passing all identification and security validation and verification checks, we are entitled to treat any transaction conducted by that person as valid and are not responsible under any circumstances for any loss or damage you may incur as a result.

This is what they enforced with me, and said I was liable. Never read the small print ,,, my bad...

Ama
 

winbig

Keep winning this amount.
Joined
Mar 10, 2005
Location
Pennsylvania
I have a problem with that. What they're basically assuming is that every tom dick and harry that uses a computer and has a neteller account is a computer whiz, and knows how to secure their computer 100%.

Let's face it. With a basic windows installation, current updates, and even running microsoft's "Firewall", their computer IS NOT SAFE. Even all of the anti-spyware|adware|virus|trojan scanners will NOT pick up and fix every single threat out there. To do so, you would need to run 4-5 of these programs to catch everything.

They can take that clause and stick it up their ass.

It should be "User should take every possible action to keep their computer safe. If a user is found to KNOWINGLY keep their computer vulnerable to attackers, they will be held responsible.
 
Top