nobsMailing List
Sign up for our free monthly e-newsletter.
nobsNetwork
Nobs Network Forum Nobs Invest - Nobs Investment Community Nobs Forex Blog Forex for Beginner
nobsPopular Entries
Injection attacks are hitting HYIs/ Autosurf programs lately and I thought readers should be aware of what’s going on before making the next spend on any of the programs that you’re interested in.
Woah? Injection attacks? Something new?
You’ve heard about Alien Trust, ECF and alot others getting mauled with another E-gold account number when users upgrade and the funds doesn’t reach them. Why? You can read more about injection attacks here (Thanks to Brad). An example:
You’re in X investment and has always been happy with them. Logging onto X investment website, you re-invested with their Pay Now with E-gold button, unknowing to you, and since you didn’t notice, the E-gold account number wasn’t the regular E-gold account number that you’ve always sent money to (The hacker has already altered the EG number on X investment’s site at this point)
X investment site confirms that the funds were not sent to them. Here, you became a victim of injection attacks.
Regular HYI/autosurf admins lack the knowledge of securing their site properly, thus exposing most of us the risk of spending our money into someone’s pocket. And it isn’t easy to secure your site 100% as well.
And no, this isn’t something new and it’s not only affecting the HYI arena. Even Mastercard has to secure their site.
What you can do?
Basically, in short, be wary when you do any upgrades, always ensure that the E-gold account that you spend to is the legit program’s Egold account number.
If you aren’t sure whether your funds will reach them, the least you can do is to email their support to ask for their E-gold account number to make sure that it’s correct. Better to wait for an official response than to lose money ain’t it?
Popularity: 2% [?]
Hi Jude.
I have to agree, If a person makes a spend and they take their time and check the
e-gold number they pay too, There would be a whole lot less loss occurring in the network of surfing sites.
I have been talking to a programmer and it is possible to block this from happening and I have a crew of them working to prevent this loss again.
I get upset that the clowns that do this can get away with it as they are not being reported and people get careless, I too have spend egold into the wrong account and boy, It sure does hurt to do that, but I tend to catch myself not being patient and watching the number as closely as I should.
At the moment, I have left the egold option off-line, But people can still upgrade by sending me a egold spend to the info listed on the site.
I will post as this matter is tended too..
Best Regards,
Randy
Admin
http://gold-crazy.com
Just a question, can that be done with any payment processor. like e-bullion?
I will be watching that closely now. thanks for the tip.
Penny
Penny,
It’s not payment processor specific. Anytime a program has a link to a payment processor for automatic upgrades, the program passes information, such as the admin’s account number/name to the payment processor. The criminal injects their information into the program so that their information is passed, instead of the program administrator’s information.
I hope that answers your question.
- Sharon
yeap, sharon’s right on the dot there penny