Thats Just Great, My Accounts Been Hacked!

[kobra500 1]

Hidden

We have just learned that your service is being used to display false, or "spoofed," PayPal.com pages, in an apparent effort to steal personal and financial information from consumers, and defraud PayPal users. Specifically, it appears that a XISTO CORPORATION user is sending unsolicited messages which misrepresent the sender as PayPal, and making false statements that encourage the recipient to go to a page hosted by you at 70.84.58.162 - http://forums.xisto.com/no_longer_exists/ asking to enter personal and account information. The purloined information is then sent to an email account and, based on our investigation of similar schemes, used to steal accounts and commit other fraudulent acts including international credit card and wire fraud. This matter is urgent - we believe that consumers have been falsely directed to this page and may be fooled into divulging personal information to a criminal, if the page is not immediately disabled. We ask that you immediately disable the site at http://forums.xisto.com/no_longer_exists/, as well as any associated email addresses, so that this fraudulent scheme can be stopped. We further request that you provide us with all contact information that you have for this user so that we may provide this information to the proper law enforcement authorities. While we believe that the above information gives your company more than a sufficient basis for disabling the page immediately, out of caution we note that your user's unauthorized reproduction of PayPal's trademark and copyrighted materials violates federal law, and places an independent legal obligation on your company to remove the offending page(s) immediately upon receiving notice from PayPal, the owner of the copyrighted materials. Accordingly, the information below serves as PayPal's notice of infringement pursuant to the Digital Millennium Copyright Act, 17 U.S.C. Section 512 ďż˝(3)(A): I, the undersigned, CERTIFY UNDER PENALTY OF PERJURY that I am the agent authorized to act on behalf of the owner of certain intellectual property rights, said owner being named PayPal, Inc. I have a good faith belief that the website located at URL http://forums.xisto.com/no_longer_exists/ has its copyright in each page of its website and associated source code. Please act expeditiously to remove or disable access to the material or items claimed to be infringing. We sincerely appreciate your immediate attention to this important matter. We would also appreciate if you would take steps to confirm the accuracy of any contact information that your user may have provided to you in establishing the account. Should you have any accurate information that could assist PayPal and law enforcement in tracking this individual, we would greatly appreciate your assistance, as we know that you do not condone the use of your services for such criminal purposes. Finally, please be advised that we have referred this issue to the Federal Bureau of Investigation for their investigation. The F.B.I. has requested that we convey to you in this message their request that you preserve for 90 days all records relating to this web site, including all associated accounts, computer logs, files, IP addresses, telephone numbers, subscriber and user records, communications, and all programs and files on storage media in regard to all Internet connection information, pursuant to 18 U.S.C. section 2703(f). While we do not act as an agent of the FBI in conveying this request, we do intend to fully cooperate with their investigation, and encourage you to do so as well. eBay Inc. Audit and Investigations securityalerts@ebay.com Get automated, real-time notifications of new phishing attacks! Join the Phish Report Network as a RECEIVER today! https://us.norton.com/

Well it seems my sites been hacked, that is a message I recieved from Shree after commenting on my password not working, I have sent a support ticket back, what conserns me more than the post itself is how the fraudular content got on my site in the first place, I don't go around throwing my password about. I've ran a virus scan on my pc and it's pulled up nothing. and I certanately do not go around doing phlishing scams, still this has put an end to the projects I have started, plus I need to reset several passwords accross the internet to make sure nothing else is a problem. this is just perfect. This is more directed at everyone rather than just Xisto - Web Hosting staff. Not to mention the security alerts that are stopping viewing my site of firefox and the like!!!
Edited November 22, 2016 by OpaQue (see edit history)

[Alert17 0]

Ouch Im sorry for you. I hope it gets fixed.

[Saint_Michael 3]

Hard to say but odds are they found a way to get through your website and make the changes quick enough for you not to notice or spoof your website in someway. Either way I would take the site down and go through the coding and then of course get a hold of whoever and see what is going on and what not.

[truefusion 3]

What CMS do you use to run your site that supports modules like newsletters or ability to send e-mails? If any, then i don't think Xisto would be able to do anything about it if you continue to use faulty scripts, since it would not be a security issue on their side. You should be able to track down where the problem is by examining which pages have content relating to e-mails, etc.

[kobra500 1]

It's been fixed, someone got hold of my password somewhere, I can't think where, Im not a careless person with these sort of things, and my password isnt "password" or simular I made it to be difficult to work out, but copy paste may have foiled that.I am contacting phishtank to get my site removed from there databases, I am also going to have to do the same to firefox.If you have the firefox security addon which rates sites, my friend has it but Im not sure of the name can you give "atumiz.com" a good rating, the offending files have been removed.

Edited November 15, 2008 by kobra500 (see edit history)

[velma 6]

I can still see http://forums.xisto.com/no_longer_exists/

[Echo_of_thunder 1]

Well I have had that happen to me too. I had a gamming site with myleague.com a few years back and had my whole pool league hacked and every member booted or banned and all new members and room. So I feel you pain my friend. I feel sure that the powers that be can work out all this and get your site going back to you as it shouldGood Luck

[jlhaslip 4]

Just a quick reminder that backUps are critical.You need to perform them regularly. How regular depends on the level of activity and the nature of your site, of course. Ecommerce or Business sites should be done more often. Personal (static) sites not as often. If your site includes Logins and registrations, at least weekly, I would think, is a minimum.Perform a backup of the site after building it and configuring the base site and use that as a reference point. Then do a backup of the site after the initial flurry of activity, ie: after all your friends register, and as the Staff is appointed. Then do regular backups from your Cpanel. In the case of an AEF Forum, you can do a backup from the Forum Admin Control panel.Backups should be stored "off-site". Usually onto your local Desktop or a folder of your local machine is good. I keep weekly backups on the laptop and a monthly on a Flash drive. Three months worth of my site and other Development scripts are always available on the Laptop and/or Desktop.And be careful about passwords. They are passwords for a good reason. Rather than giving out your Cpanel Log-in and password, create a second FTP account for a friend to use as a FTP method.

[enhu 0]

i was hoping there could be a secure way for this. i was hoping to host a site later.