Pay Pal Hacking
by Saqib Ali
Close your door!
Off hook your telephone!
Cancel all your assignments!
You are going to read the most sensitive information about your StormPay, Paypal or e-gold accounts. If you miss today, you can lose every penny from your accounts or even may not have access to them tomorrow. Monsters of cyberspace darkness are after you. They shall catch you one day if you don’t know all the tips given in this article.
Are you *feeling* Insecure?
You are not secure on internet at all. Whatever safeguards you develop, the hackers shall maneuver new techniques. However, you can feel much secure if you know:
What is SSL Server?
Secure Socket Layer (SSL) means a standard for establishing a secure communications channel to prevent the interception of your critical information. Primarily it enables secure electronic financial transactions on internet. All money processing companies such as StormPay, Paypal, and e-gold etc use the most secure socket layers at their servers. Hackers with their extreme skills and powerful computers (theoretically) can’t intercept your communications with these companies. But you might have experienced or heard that hackers have been accessing secure sites. Millions of dollars are drained every year from processing accounts.
How the Hackers Break Into Your Secure Accounts?
Hackers have been developing horribly sophisticated skills to access your secure accounts. If you are a programmer you may like to develop anti-hacking software. However, if you are a common man like me you can make yourself securer if you don’t let them access to your password. In most of the Paypal hacking incidents, people provided their secured information willingly to the hackers without knowing it.
1. You Send Your Secure Information Through Email:
Email is insecure mode of communication. It can easily be intercepted. So it is dangerous to send your secured information through email. However, it is last nail in your financial coffin to send your user id and password directly to the inbox of a hacker.
How is it possible?
You receive an email from Paypal admin that due to some technicalities they have messed with your account. They ask your user id and password to fix the problem. You see that “From” field contains firstname.lastname@example.org . You have nothing to fear and send your information directly to the inbox of a hacker who is misrepresenting as admin of the Paypal. There are programs which can hide real contact of the sender with some fake email address.
2. You Disclose Your User Id and Password to Hackers at their Websites
It is stranger but it easier than the previous one. You receive a security alert from Paypal which requires you to log-in through the link or provided with the email. But in 100% cases that URL or form shall take you to some fake website that shall look like that of Paypal. You supply your user id and password but the log-in page of the Paypal re-opens.
You have been hacked. Don’t think that you had mistyped your password (which we often do). Log-in to your account and change your password immediately.
3. You Pay hacker to Break in your account:
You may term me crazy but it is the most dangerous strategy that hackers use. They build a business-like website and put some products for sale. You visit their site, select a product and click the payment button of any company. You may land at a fake website having copied web-pages of the concerned company. You try to log-in but that page reopens. Not having Paypal hacking idea, you submit your information now at the real site to pay him $20.00 for the product. Next day or after some time you may find your account empty.
4. Misspelled Domain Name:
Anybody can get a domain name registered for a few bucks. The hacker shall simply get a domain name closer in look to the any of the money processing companies but with different spellings such as stompay, paypla etc. Now it is matter of time. Whenever you make a typo (we do often), you shall land at this fake website. Thinking it genuine one, you put your secured information in the hacker’s files.
How to Avoid Financial Loss?
You are responsible for security of your password. You can avoid major financial losses if you take following pre-cautions.
- Change Your Password Frequently:
You don’t know whether your last deal was with a genuine businessman or a hacker. Even if he is a real business, it will take only a few seconds to change your password after each transaction. If that is not possible then change your password at least once a week.
- Never Email Your User Id and Password:
Whatever reason the president of your money processing company may quote, never send your user id and password to him via email. In fact the company does not need your user id and password to fix any technical problem.
- Never Log-in from links in Your Email:
Never log-in your money processing account from any link or form that you receive through email. In 99% cases you shall be hacked.
- Look for a security lock at your browser before Logging in.
Whenever you process your money online your browser should display a security lock icon. In the case of Internet Explorer it appears at lower left part of your window. If you don’t find such a security lock you are at risk. That is not original website of the company.
- Always log-in from Your Favorites Folder:
To avoid typo mistake, you should always log-in to your money processing accounts from your “Favorites” folder. You MUST Type URL of the company very carefully for the first time. After that whenever you shall visit the site from your “Favorites” folder, you shall reach to the genuine site. If you are too green, it is very easy to add a site to your “Favorites” folder. Just follow these steps if you use Internet Explorer:
Click “Favorites” at top menu bar of your Internet Explorer.
Click “Add to Favorites” from the drop-down menu.
A new window shall open.
Click “New Folder” and name that Accounts.
Select your “Accounts” folder and click O.K.
It is done!
- Always Log Out after completing Your Operation:
Many people lose their money simply by not logging out from the secured sites specially at public terminals. There is nothing wrong if you develop habit to log-out every secured site even at your home P.C. You don’t know when your children may mess with your accounts innocently.
- Watch Out For Cookies:
Most of the money processing companies put their cookies at your computer when you visit them for the first time. Whenever you re-visit your account, you shall see your user id field already filled. Just enter your password and you shall have access to your account. However, no false website shall display your User Id upfront. But it doesn’t mean that every secured site which does not show your id is false. You may have lost your cookies for one reason or the other. However, it is good to be watchful.
- Always Opt for Email Notification for Each transaction:
When you create an account with any of the money processing companies, always set your preferences for email notification per each transaction. If somebody transfers money without your knowledge, you shall get an immediate email notification. You can contact the company admin and they may be helpful in some cases.
9. Always Use Complicated Passwords:
Sometimes hackers use codes to break into your secure accounts. It is much better to use complicated passwords which not only include digits but also a mix of capital and small letters.
Whatever measure you adopt, you can’t guarantee that your secure accounts shall not be hacked. The best advice is to keep as little money as possible in your money processing accounts. If your accounts are hacked you shall lose very little.
10- Don't Give Your Downloadable Return Page
I have seen some newbies providing their download page as their return page for the StormPay button to make the access INSTANT. It is dangerous because StormPay shows your return page in the source code of your web-page. There is particular part of a StormPay payment button at my website:
<form method="post" action="https://www.stormpay.com/stormpay/handle_gen.php" target="_blank" dir="ltr">
<input type=hidden name=generic value="1">
<input type=hidden name=payee_email value="email@example.com">
<input type=hidden name=product_name value="name">
<input type=hidden name=category value="Ebook">
<input type=hidden name=amount value="75.52">
<input type=hidden name=require_IPN value="1">
<input type=hidden name=return_URL value="http://www.1stonlinebusiness.com/spl/thank.htm">
<p dir="ltr"> </p>
<input type=image src="https://www.stormpay.com/stormpay/images/PayNowSP1.gif">
If your return URL is your download page for 'INSTANT ACCESS" anyone can download your products without paying you a penny. Some people have reported such type of problem with the PayPal too but I don't use their services so I can't comment about them.
-------------------About the Author---------------------
Saqib Ali publishes weekly electronic magazine for home based business owners. Visit http://www.1stonlinebusiness.com or send an email to firstname.lastname@example.org?subject=TRAart to subscribe "The Homebizine" and download “Answer to Money, Time and Traffic” *Absolutely Free*. Also download bonuses of $125.00 free.
IMPORTANT NOTE FOR PUBLISHERS:
Feel free to reprint this article at your website or in your ezine. In return, simply include the short "about the author" byline above.
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
More How To Articles
More By Developer Shed