Enterprise IT veterans have long been embroiled in hard-fought battles against network attackers. But in a war that respects no boundaries, the damage can (and often does) hit home in the form of ID theft.
Thursday, July 7 was just like any other day for me. Up at the crack of dawn, a cup of java and a quick check of my e-mail. I always have e-mail, although it is usually spam or frivolous chitchat from my classmates of years ago. On this date, my inbox was empty. I thought this was strange but wasnt alarmed. I had bid on an item on eBay Wednesday night and I thought it was odd that I had not received an e-mail advising me I had won or lost the bid, so I logged on to my eBay account and promptly discovered I had the winning bid. Hooray! A great start for the day.
Or so I thought.
Immediately, the hairs on the back of my neck stood up. After settling my nerves and reaching for another cup of coffee, I investigated a little further and determined the $1,600 charge had been made to a credit card and not my bank account. Whew! At least my checking account had not been depleted.
As I drilled down further, I discovered a new Visa card had been placed into my account. Ironically, due to PayPals security, I was not able to determine if the card was issued in my name, all I could see was the last four digits of the card number. Upon examination of the cards that I carry, I quickly determined this was not one of mine. I breathed a sigh of relief. I looked into it some more and determined the product had been shipped to me (at least they used my name) to a town in Georgia, which I had never heard of.
Simply speaking, some lowlife hacked into my PayPal account and then proceeded to edit the account and add a credit card, which had most likely been stolen or acquired by other illegal means. Then the perpetrator purchased an expensive laptop on E-Bay and charged it to the new credit card on my account.
I immediately completed PayPals online form challenging the transaction and then followed up with a telephone call after I got to my office. The PayPal helpdesk listened to my report and than immediately transferred me to a security person. This person advised me to change my password immediately, but to not delete the credit card information as PayPal would need it to conduct an investigation. I indeed changed the passwords for PayPal and all other personal accounts I could think, of excluding my e-mail account.
For some reason, the gray matter upstairs had not considered the absence of e-mail earlier to be a matter of immediate concern. Thinking that I had done everything I could to remedy the PayPal situation, I forgot about the matter and got engrossed in business issues at work.
The Saga Continues
At home later that evening, I checked my personal e-mail account. To my surprise, my inbox was still empty. My suspicions had now been raised, so I created a couple of e-mails from test accounts and sent them to myself. Of course, the test e-mails did not arrive. I then used Comcasts (my ISP) chat box to report the issue with my e-mail. The Comcast person quickly determined my e-mail had been set up to forward to another account.
Now the gravity of the situation had begun to sink in. I had been hacked! By a very clever hacker.
I immediately checked my trusty Norton Internet Security Personal Firewall and intrusion detection software to determine if my computer had been accessed by anyone other than me. Although there had been 301 attempts from the same IP address someplace in California, the attempts had not been successful and the integrity of the data that resides on my PC was still secure.
Since I do not leave any e-mail on the Comcast Server this leads me to believe the hacker hacked into my PayPal account first and than hacked into my e-mail account to implement the mail forwarding. It is doubtful that the hacker learned anything valuable in the 24 hours that they had access to my e-mail, but they could have. Obviously, I changed my e-mail password immediately and turned off message forwarding.