Have I Been Compromised? iYogi Scam!

Hi
I did a very stupid thing. In multitasking many issues I needed to talk to Belkin support. I googled them and without paying attention I clicked on the topmost (paid ad) link. Not paying attention I got typical bangalore? tech support. All I wanted was the question How do I log into a router password & ip address answered. The tech was their usually over polite self and said he would fix the issue.
He said he would fix it remotely by logging into my system. Normally I would have said no way but I wasn't thinking. He downloaded a little app onto my system and was able to mess with my system. He needed a password for my router so I gave him one of my many lttle used ones. He kept putting me on hold while he "checked something" I was very careful to watch the screen though. He wanted to restart but I was in the middle of a download from adobe so I told him no. At the end  of about 5 minutes he started with a sales pitch of $459 and then took a drop to $169 for a service contract. When I refused and asked him who this company was he said iYogi and tried to convince me they were Belkin authorized TSupport.  When I refused to buy, he immediately forced my computer to reboot and then hung up. Upon restarting I noticed that Safari was trying to communicate/log in to something so I basically pulled the ethernet plug. I immediately changed all of my passwords regardless but I feel I may have something aboard my Macbook Pro
1 weeek later my Facebook page is acting weird, loading as text only. When I ran disk repair it gave a time of 1 hour 19 minutes but the bar never moved. Kept seeing Java repairs and some other stuff but when I finally checked permissions had been completed. Decided to run again. This time it said 1 hour 12 minutes but again the progress bar did not change. I did copy some of the Disk repair issues. Can anyone tell from this if it looks like I'm infected?
Suggestions/Solutions welcomed.
Warning: SUID file "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAg ent" has been modified and will not be repaired.
Permissions differ on "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Rem ote Desktop Message.app/Contents/Resources/English.lproj/UIAgent.nib", should be drwxr-xr-x , they are -rw-r--r-- .
Repaired "System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Support/Rem ote Desktop Message.app/Contents/Resources/English.lproj/UIAgent.nib".
Thanks
Enio
ps There is a page on the internet about iYogi scam that appears to be made by them singing their praises and blaming  in order to reassure people who think they might have been scammed

Very distressing:
My recent experience involved stumbling across iyogi when i was in a panick after my computer played up.  Thought iyogi was with Apple as that's how it presented in their ad.  I allowed them into my computer.  All seemed fine at first.  They downloaded Mackeeper which showed the bad shape my computer was in.  Then came the fee options (1, 2 or 3 yr) ranging from $330 up to nearly $600.  I agreed to take the one year and when it was time to pay, they provided a screen for putting in your details.  I said to the guy I did not feel comfortable about providing my details on that form and asked if they had P-Pal.  He questioned why I would want to use P-Pal and I told him it is the safest way to do transactions as that's what the ads say on TV.  He argued that P-Pal is not safe.  I still would not agree to putting me details on the form so he put me through to someone on the phone instead and I gave them my Amex card details.  Then they said it wouldn't process as the lines went down and asked if I had another credit card.  I got a really bad feeling and told them I did not feel comfortable about giving any further credit card information.  They convinced me it was safe and said it would be totally secure if I entered using the keypad of my phone instead of just giving them the number.  They said the payment went through and the guy said he was just going to do some tests on my computer.  I noticed that they put my on hold and did not talk to me while testing which I thought was strange as whenever Apple has helped me remotely they are always communicating with you while their doing things, telling you what they are doing step by step.  He was in there for a long time.  A screen came up that seemed to have historical data on it.  He then finally came back to me and said he was just going to put me through to another guy who was going to fix the problem.  By this stage I had been on the phone for nearly one hour.  He put me through to the other guy and the first thing this guy said to me was "what's your mother's maiden name?"  Right then I knew this was definately dodgy.  I asked him what he needed the name for and he said it was for security purposes,.  I argued how it could be when i've never given them my mother's name for any reason since being on the phone.  When he said that, I told him I no longer wished to go ahead with the service and that I wanted my card refunded.  He tried placating me, saying it's ok, there's nothing to worry about and telling me to calm down.  The more he talked the more panicked I became.  I demanded he reverse the transaction on my credit card. I demanded he get out of my computer and I told him I sensed the company is dodgy and that I was concerned that they have stolen my personal information.  He kept pressing me to continue, until I screamed at him that I will be calling my bank straight away to cancel all of my credit cards and to change all of my banking details AND that I was going to contact the Australian Federal Police to report their company.  He finally put me through to someone he said would reverse the transaction.  It was a woman and she too asked me for my mother's maiden name "for security purposes."  I just screamed at this woman.  Told her my mother's maiden name is not relevant to anything and that I wanted my credit card refunded.  Unbelievable she kept going on and on and on trying to press me to continue with the service and transaction.  It was not until she heard me talking to someone on my other phone (talking to my bank) and she asked who I was talking to, I told her it is my bank and now the bank person on the phone will be witness to the fact that you are refusing to reverse the transaction on a service I decided I didn't want.  With the bank hearing everything I told this woman I would be cancelling all banking details and changing everything and reporting their company to the police....... It was ONLY then that she agreed to reverse the transaction. 
My computer is 5.5 years old.  I have decided to purchase a new one because I simply could never feel safe using that computer again.
Very distressing.

Similar Messages

  • Httpd access_log entry - have I been compromised?

    What's going on here? Has my security has been breached? Has someone caused a buffer overflow and then put something on my machine? If so, how could they access my machine?
    My knowledge state: I do not have a in depth knowledge of security issues - only that they are important. Every once in a while I look at various logs and try to get an idea about what's happening on my machine.
    My setup: macmini networked via airport to netgear wireless router connected via cable modem to Comcast.
    Mini and firewall both password protected. Airport connection WEP protected.
    OSX Firewall turned on - file sharing, personal file sharing, ichat and missing sync (PDA syncing software) only items enabled; router firewall on, connection restricted to the 3 devices on my LAN.
    (If my setup worked as expected, I shouldn't see anything from 24.218.x.x on my system, it should have been stopped by my router...)
    The following sequence shows up 3 times in a recent httpd access_log
    24.218.83.129 - - [10/Oct/2006:18:50:16 -0400] "GET / HTTP/1.0" 200 5834
    24.218.25.110 - - [10/Oct/2006:19:06:24 -0400] "GET / HTTP/1.0" 200 5834
    24.218.25.110 - - [10/Oct/2006:19:06:24 -0400] "SEARCH /\x90\xc9\xc9\xc9\xc9\...(lots more \xc9)...\x90\x90\...(lots more \x90)...\x90\x90" 414 343
    24.218.25.110 - - [10/Oct/2006:19:06:55 -0400] "POST /vti_bin/_vtiaut/fp30reg.dll HTTP/1.1" 404 307
    24.218.83.129 - - [10/Oct/2006:22:43:11 -0400] "GET / HTTP/1.0" 200 5834
    24.138.225.33 - - [10/Oct/2006:23:35:46 -0400] "GET / HTTP/1.0" 200 5834

    OK well, if you don't need any access to Apache from outside then you should configure it to be inaccessible to the internet.
    I use the built-in Terminal editor "pico" to edit the file, which is located at
    /private/etc/httpd/httpd.conf.
    First, make a backup of your httpd.conf file in case you break something while editing it.
    Open httpd.conf and find the line that begins with Listen and then an IP address or hostname. Edit it to look like this:
    Listen 127.0.0.1:80
    If you find a second "Listen" line that designates port 80, leave it alone. It should already read:
    Listen 80
    The only "listen" lines in httpd.conf that are not commented out should be:
    Listen 127.0.0.1
    and
    Listen 80
    Then Apache will only accept connections from your local machine on port 80. Restart Apache to make your changes take effect. You can test to see if it worked by typing 127.0.0.1 into your web browser. If it worked you should see a default Apache page.
    This is all off of the top of my head, but I think it should work. If it doesn't, just restore your original httpd.conf file from your backup and restart apache again and you'll be no worse off than you were before. 
    If you want to be extra safe, you can also configure your firewall to block INBOUND connections on port 80. Make sure you don't block outbound port 80 or you won't be able to load any external webpages from that computer.
    As for the attack deflection code, disregard it if you don't need it. Such hacks can cause mysterious problems in a development environment but work well on a normal server.

  • Strange system.log entries.  Have I been compromised?  Related to ARD

    Every two minutes my system.log posts a new entry that I am having a UDP WritePacket error 65 and it looks as if its trying to connect to a range of IP's that are hosted by pacbell. I do not have any systems outside my network on my ARD so not sure what the heck is going on. Here is a copy of the messages:
    Mar 24 15:06:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.33
    Mar 24 15:06:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.64
    Mar 24 15:06:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.95
    Mar 24 15:06:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.174
    Mar 24 15:06:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.27
    Mar 24 15:06:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.161
    Mar 24 15:06:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.98
    Mar 24 15:06:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.126
    Mar 24 15:06:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.61
    Mar 24 15:06:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.130
    Mar 24 15:06:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.67
    Mar 24 15:06:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.51
    Mar 24 15:06:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.92
    Mar 24 15:06:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.74
    Mar 24 15:06:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.57
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.179
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.45
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.90
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.14
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.48
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.88
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.229
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.69
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.37
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.54
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.84
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.23
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.79
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.173
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.149
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.80
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.53
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.21
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.86
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.111
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.168
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.44
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.40
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.124
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.29
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.166
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.133
    Mar 24 15:07:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.56
    Mar 24 15:08:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.33
    Mar 24 15:08:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.64
    Mar 24 15:08:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.95
    Mar 24 15:08:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.174
    Mar 24 15:08:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.27
    Mar 24 15:08:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.161
    Mar 24 15:08:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.98
    Mar 24 15:08:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.126
    Mar 24 15:08:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.61
    Mar 24 15:08:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.130
    Mar 24 15:08:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.67
    Mar 24 15:08:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.51
    Mar 24 15:08:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.92
    Mar 24 15:08:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.74
    Mar 24 15:08:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.57
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.179
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.45
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.90
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.14
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.48
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.88
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.229
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.69
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.37
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.54
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.84
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.23
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.79
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.173
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.149
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.80
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.53
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.21
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.86
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.111
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.168
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.44
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.40
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.124
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.29
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.166
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.133
    Mar 24 15:09:00 Kyle ARDAgent [222]: UDPWritePacket error 65 No route to host for -64.168.10.56

    There is another post about this about a couple of months ago. The poster figured out that the first number -64 actually could be translated into 192. etc.
    and that the computers were not online at the time (laptops etc).
    Here is the link..
    http://discussions.apple.com/thread.jspa?messageID=2608312&#2608312

  • I got a text message which had a link attached to it, i did click on the link, basically some job scam but on the link. Now i just want to find out if my phone has been compromised in anyway and what are the tell tell signs.

    I got a text message which had a link attached to it, i did click on the link, basically some job scam but on the link. Now i just want to find out if my phone has been compromised in anyway and what are the tell tell signs.

    your phone has not been compromised.  There have been no viruses, worms or trojan horses ever reported.

  • My email account and facebook accounts have been compromised, how can I know if I have malware of a keylogger?

    About 2 weeks ago my Yahoo email account and AIM email account had been compromised and the passwords changed. From what I was told/researched at the time, changing my passwords to more secure passwords was the best option.
    I changed my passwords for the two accounts that had been compromised, and I even when as far to change my passwords for everything that I used frequently, and accounts that were tied to the email accounts, facebook, twitter, etc.
    This morning at 12:28am (EST) my facebook was accessed by somebody other than me and my password changed. When I noticed this my first thought was to check to see if my email that I log in with was compromised. It had also underwent a password change.
    Obviously the next thing I did was to try and change my passwords.
    I had my AIM email send a change password form to my Yahoo email (which hasn't been tampered with this time) I followed the form and input a new password. After that, it brought me to a page where I was to enter the new password and sign in. When I input the new password it yet again said, "incorrect password or username". After I tried the new password a few more times it finally brought me to a screen saying basically that my account was locked due to suspicious activity and I still haven't been able to try and log in again.
    I also can't access my Facebook account at all. I obviously can't send a new password to my email because I can't access it. Whenever I tried to send my info to an alternate email it wants me to answer a security question, and for some reason the answer I enter, which should be the correct answer, is said to be false.
    Facebook offers another option of recovering your account by getting 3 friends to be sent security codes, I tried this method but it would never let me complete it because I locked my account. I locked my account after figuring out it was being tampered with. Whenever I try to get the security codes sent to 3 friends it ultimately leads me to a screen saying my account is locked and I need to sign in to unlock it, which is some major bull considering if I could log in I wouldn't need to be going through the process to begin with!
    One friend has told me somebody maybe using some file to track my moves, a keytracker?
    Is there anyway I can confirm that?
    How can I get rid of it, how can I protect myself?
    I've been using the internet almost daily since I was 8 years old, I'm now 20, this is the first of these kinds of problems I've ever had.
    Protip: I run Mac OSX 10.6.8 Snow Leopard.

    Whatever is going on, it's extremely unlikely to be malware of any kind. See my Mac Malware Guide.
    As to what is going on, it's hard to say, but if someone is targeting you specifically, it's not that hard for an experienced person to do. It may not even require actual hacking... see the story of Matt Honan's hacking:
    http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/
    In short, his attacker managed to get access to Mr. Honan's Amazon account, which gave him access to the last 4 digits of Mr. Honan's credit card that was on file. That credit card was also on file with Apple, and those 4 digits were used to give him access to Mr. Honan's Apple ID. And from there all went to h***. No hacking required, just talking to folks on the phone and convincing them to do what the hacker wanted.
    In addition, note that some kinds of accounts provide you with a way to give access to another person. For example, GMail provides a way to add someone else's account, giving them access to your e-mail. Hackers have been known to use such features to leave themselves hidden back doors, so they can keep getting in after you have changed the password. I don't know whether AIM or Yahoo have such features, but it's possible.
    Finally, note that there are always possible issues with weaknesses in the servers. For example, right now, someone's selling an exploit kit for Yahoo mail. I don't know whether the vulnerability it relies on has been patched or not, but if it hasn't been, your attacker may be using that method to get access.
    In any case, you need to address these issues with AIM, Yahoo and Facebook.

  • I am getting the following error message "wireless network appears to have been compromised"

    I am getting the following error message "wireless network appears to have been compromised"
    Any information would be helpful.

    bclark173 wrote:
    I am getting the following error message "wireless network appears to have been compromised"
    Can you provide a screenshot of this message? Make a screenshot by following the directions here:
    http://support.apple.com/kb/HT5775
    Be sure no sensitive personal information is displayed. To add that image to a post here, click the camera icon in the post editor toolbar.

  • I'm afraid my iPhone 4S might have a virus/be hacked.  Is this possible and if so, how can I find out if it has been compromised?

    I'm afraid my iPhone 4S has a virus or has been hacked.  Just in the last day or so my battery life gets used up a lot faster and I have all of a sudden started receiving a lot of spam email.   How can I find out if my phone has been compromised?

    Unless you left the iPhone in the possession of another person it could not be hacked...and unless it has been jailbroken it cannot get a virus.
    An email account can be hacked at the service provider's end...this has happened a number of times with gmail. 
    Do a reboot, hold both the power and home buttons until the apple logo appears and it restarts, ignoring the red slider if that appears.
    If that does not help the battery situation, make a backup of your content and then restore to factory condition, Settings > General > Reset > Erase All Content and Settings, and then restore from the backup you just made.
    Contact your email service provider and let them know you are getting material that could mean they have been hacked.

  • HT1349 What is a captive session and a crash reporter? I think my phone may have been compromised and information stolen, is there anyway from the diagnostics log to find out?

    What is a captive session and a crash reporter? I think my phone"s security may have been compromised.

    ok thank you. I was talking to a IT security forensics person and they told me that there is a devise that plugs into your charging area and looks like a flashdrive that can bypass your password and download all of your data even deleted text messages from the hard drive in your phone.
    he had the ability to have access to my phone all night.
    is there a way he couldve jail broke my phone to hack into it and then un jail break it.
    I was also told that if he used a mac computer he couldve done this through itunes and there is a way to find the trace of my data being extracted on my iphone and will also give mac address that they pulled the data onto.

  • Apple deleted my account when I made a complaint about being charged for apps that I did not purchase! The said it was for security reasons as my account must have been compromised but only Apple have mu information.I am convinced the operator delete

    Apple deleted my account when I made a complaint about being charged for apps that I did not order. They said that my account had been compromised and it was in my best interests to delete it for security reasons! I am convinced the operator deleted my account out of sheer malice because I complained - can anyone advise?

    No. It would have been done for security reasons. You notified them that money was being unknowingly taken from your account, so they froze it.
    Change your Apple ID here
    And also check for unusual activity on your credit card with your bank. Change all your security password while you are at it.
    Pete

  • Trusteer Report security for Browsers....I don't know which version of Fire fox I have. Previous one could have Trusteer on it but this one can't and all of my passwords have been compromised as a result. hw can I have trusteer on this one please?

    My Bank has made Trusteer raport available to protect all my passwords...and the new version of firefox which installed itself!!!!!! cant support this safty measure whic has now been compromised by MyWebSearch which has also installed itself on my browser...How can I get this feature to run on my browser please!
    Regards
    Coco

    From what I have seen other Trusteer Rapport users post here recently, it isn't compatible with the Firefox 4.0 betas. Most security applications or add-ons typically don't support beta pre-release software. You should still have your older version of Firefox installed yet (if you had one installed), the Firefox 4.0 betas install to their own unique Program Files folder and don't overwrite another version of Firefox.

  • Have I been scammed?

    Im hoping not, as I think BT do try to be a decent company, and when the service is working, it works very well,
    but do read on...
    So I just recieved my bill with 2 unkown calls to an extortionate premium rate service: 0911 699 7660
    and as a result, 2 calls =£50!
    I called BT billing enquiries -  The advisor said all he knew was that it was a premium rate helpline called 'iHelpline' that dealt with facebook problems, or MS Word, or that type of thing and said it was nothing to do with BT. — just to note this is not something I would ever call about.
    Dumbfounded, he proceed to say that it was a call made on my number, so it was tough luck, nothing he could do, and promptly put the phone down on me.
    Now, you'd expect that from a poorly trained BT customer service adviser, if someone is being rude or impatient, but I was being neither of those. But curiously he sounded slightly panicky...
    I cannot for the life of me know how these numbers have been called or whether they called me?
    The only thing that I can figure out is that when looking back on these dates, I think I had phoned the BT technical helpline a number of times, when my newly installed bt infinity had stopped working after a few weeks.
    Typically when I tried to access the internet, a BT home hub technical screen was presented in the browser - once I had gone through the automated help steps, eventually after no success a helpline number came up on my screen which I think was an 0800 number.
    (BTW The problem was apparently due to the BT infinity modem being an old model, which suffice to say, wasn't dealt with by an engineer until a week later!).
    Anyway this is the rather disturbing bit, if it's at all possible... 
    At the time, obvioulsy I was desperate to get through to the BT technical help assistant, but during the call I seem to remember that I was put through to a different line - it was indeed a 'helpline' to help determine which BT service I should be put through to - but only after a number of questions had been answered. 
    So here's my question: Is it possible that BT have set up a system to put you through to a premium line service, even though you started the call with a BT 0800 technical number?
    I can't actually believe that would be the case, but I dont know what else to think. 
    Has anyone else come across this? 
    Anyway it seems there's not much I can do about this... any advice appreciated.
    Thx 
    Robotic

    robotic wrote:
    Im hoping not, as I think BT do try to be a decent company, and when the service is working, it works very well,
    but do read on...
    So I just recieved my bill with 2 unkown calls to an extortionate premium rate service: 0911 699 7660
    and as a result, 2 calls =£50!
    I called BT billing enquiries -  The advisor said all he knew was that it was a premium rate helpline called 'iHelpline' that dealt with facebook problems, or MS Word, or that type of thing and said it was nothing to do with BT. — just to note this is not something I would ever call about.
    Dumbfounded, he proceed to say that it was a call made on my number, so it was tough luck, nothing he could do, and promptly put the phone down on me.
    Now, you'd expect that from a poorly trained BT customer service adviser, if someone is being rude or impatient, but I was being neither of those. But curiously he sounded slightly panicky...
    I cannot for the life of me know how these numbers have been called or whether they called me?
    The only thing that I can figure out is that when looking back on these dates, I think I had phoned the BT technical helpline a number of times, when my newly installed bt infinity had stopped working after a few weeks.
    Typically when I tried to access the internet, a BT home hub technical screen was presented in the browser - once I had gone through the automated help steps, eventually after no success a helpline number came up on my screen which I think was an 0800 number.
    (BTW The problem was apparently due to the BT infinity modem being an old model, which suffice to say, wasn't dealt with by an engineer until a week later!).
    Anyway this is the rather disturbing bit, if it's at all possible... 
    At the time, obvioulsy I was desperate to get through to the BT technical help assistant, but during the call I seem to remember that I was put through to a different line - it was indeed a 'helpline' to help determine which BT service I should be put through to - but only after a number of questions had been answered. 
    So here's my question: Is it possible that BT have set up a system to put you through to a premium line service, even though you started the call with a BT 0800 technical number?
    I can't actually believe that would be the case, but I dont know what else to think. 
    Has anyone else come across this? 
    Anyway it seems there's not much I can do about this... any advice appreciated.
    Thx 
    Robotic
    Hi. Welcome to the forums.
    In answer to your last question about dialling 0800 and getting to the premium rate system (which has nothing to do with BT), it's not possible.
    Also, if this company calls you - again you would not be charged.
    Are the times of these calls shown on your bill ? Is it possible that someone else in your property could have called that helpline ? Do you use a dect phone ? Have there been other numbers on your bill you didn't recognise ?
    BT tech help is 0800 111 4567.
    There are other possibilities - one of which is an engineer making calls on a random phone line, picking up yours.
    To be frank, I would contact the billing people again and say you wish to dispute the calls to that premium number and can it be investigated.
    http://www.andyweb.co.uk/shortcuts
    http://www.andyweb.co.uk/pictures

  • I am trying to change my primary email address for it has been compromised. the email address I am trying to change it to is my rescue email address? how do I change my primary email address?

    I am trying to change my primary address for it has been compromised. The email address I am trying to change it to is my "rescue" email address. How do I change my primary email address to my rescue email address? can I delete my rescue email address so I can use it as my primary?

    You will have to delete your rescue email address first, then go back and change your primary.
    Source: http://support.apple.com/kb/ht5312
    You can edit or delete your rescue email address at My Apple ID. To edit your rescue email address:
    Navigate to My Apple ID using your web browser.
    Click "Manage your account"
    When prompted, sign in using your Apple ID and password.
    Click Password & Security
    You'll be asked to answer 2 of your 3 security questions before you can make any modifications. If you are unable to remember your answers, you can choose to send an email to your rescue email to reset your security questions.
    Note: The option to send an email to reset your security questions and answers will not be available if a rescue email address is not provided. You will need to contact iTunes Store support in order to do so. 

  • I think my account has been compromised. I just got a receipt for $10.69 today that I didn't spend. How do I get my money back?

    I think my account has been compromised. I just got a receipt for $10.69 today that I didn't spend. How do I get my money back?
    I've already submitted my problem to PayPal and they are investigating it. I need to get this reversed and my money back. It's hard enough saving for formula without some ******* buying **** with my information.
    Anyone else have this problem?

    It was a genuine email from iTunes, not a phishing attempt trying to get your account and payment details ?
    Viewing your account's purchase history : See your purchase history in the iTunes Store - Apple Support (on an iOS device you can view the last 90 days purchases via http://reportaproblem.apple.com)
    Phishing and similar emails : Phishing & Other Suspicious Emails
    Phishing emails : Identifying fraudulent "phishing" email - Apple Support
    Genuine iTunes emails : Identifying legitimate emails from the iTunes Store - Apple Support
    If it's a genuine email and it shows on your account's purchase history then contact iTunes Support : http://www.apple.com/support/itunes/contact/ - click on Contact iTunes Store Support on the right-hand side of the page, then Purchases, Billing & Redemption . And change your account's password e.g. by logging into it via the Store > View Account menu on your computer's iTunes, or via http://appleid.apple.com
    If it is a phishing email then forward it to Apple : [email protected] , and then delete it.

  • Hi all of our devices is been compromise. Can anyone help let us know what to do

    Hi all of our devices is been compromise. Can anyone help let us know what to do

    Which devices are you talking about?
    How do you know the devices have been compromised.  Suggest you change all your passwords.
    Describe what problem you are experiencing.  This isn't Windows.
    At this time there is no known malware on an ios device.  Period.
    Robert

  • TS1424 I believe the credit card online has been compromised and someone has purchased from iTunes without my permission. What can I do?

    What can I do if my credit card has been compromised and someone has used it to buy from the itunes Store?

    Wpgjets wrote:
    ... What does iTunes do to track the ones who steal CC numbers and use them to make iTunes purchases?
    What they do is up to them, but loss prevention may include suspending that Apple ID for purchases until such time the fraud is rectified. They may pursue the thief for chargebacks and fines from the issuing bank and take whatever other legal action they deem appropriate. In any event none of that involves you, presuming it's not your job to investigate criminal activity. As long as your payment method continues to be accepted by Apple, you don't have to do anything else.
    Changing your Apple ID password once in a while is a good idea though, and if Apple wants to compel you do so you will find out when you attempt to log in here or make a purchase. Be wary of "phishing" and never click on any links in an email that may appear to be from Apple, as authentic as it may seem. This is a popular way of stealing Apple IDs and all that it entails.

Maybe you are looking for

  • How do i copy my iphoto pics to a hard drive

    I have a ton of pictures on iphoto and I want to transfer them onto an external hard drive to save space on my iMac. Is there a easy way to mass transfer them like on a windows based PC?

  • Weird square like Tab Character in Multiline Text

    ebs version 11.5 forms 6i I have a multiline text item that allows the user to keep hitting an "add to text box" button to append to the text in the box. Every time they click the "add to text box" button, the new text should be placed on a new line.

  • I just talked to an apple representativ and.....

    she told me..because i ordered my nano last night...it would come with a pouch that did not protect the nano very well...but she told me that the material that the nano was being made with was replaced with a " new space age " material that would pre

  • Full name is showing

        Why is my full name showing and not my screen name?

  • Both 2 and 4 on the same computer separatly?

    I currently have Lightroom 2.  I don't want to lose all my ratings and work on current photos.  Can I buy the full version of Lightroom 4 (NOT the upgrade), and keep both versions separate on my computer.  I would then put only new photos in Version