[OT] Malware

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[OT] Malware

Lee Glickenhaus-2
Folks - this is an odd request for advice and/or referral.

The upshot of my story is this:

Several times over the past 8 months or so, Amazon orders not placed by me and NOT CHARGED TO MY CREDIT CARD, have appeared in my Amazon Archived Orders History.  In addition, the credit cards used to place these orders then appeared in my Amazon “payment options”, giving me the ability to make purchases on the credit cards of unknown people.

I have provided all the details to Amazon and their response is that all these orders were placed by my computer while under the control of some unspecified malware.  They assert that all orders contain the IP address and/or other fingerprint (unspecified) of my machine.

I know this to be false since I have spoken to people whose personal information appears as having made and received these orders, and they assure me that they indeed placed them from their homes and on the credit cards.

But I’d like some expert consultation on how the “malware” postulated by Amazon might work, or if it is even possible.  I’m running Yosemite (all current patches) and am careful about opening attachments etc.

Any advice or referrals to a Mac security expert that I could consult with are appreciated.

Thanks

lee


#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>
Reply | Threaded
Open this post in threaded view
|

Re: [OT] Malware

Bil Corry-3
Let's start with the theory that your computer doesn't have malware.  If
orders are showing up in your history archive, are you also getting the
emails from Amazon that it received your order, and again when it shipped?
If the seller wasn't Amazon, did you contact the seller and ask who the
listed buyer is (you or someone else)?  Do you have additional shipping
addresses added to your account?

Now, let's look at if your computer does have malware - how did you track
down the "real" customer?  Did you use contact information provided as part
of the order?  It could be you're communicating with the fraudster and
they're pretending they're just an innocent customer who doesn't know why
you have their info in your account.

Instead of malware, it could be a remote connection is enabled in some way
(SSH, software you installed, computer repair shop installed it, etc), or
it could be friendly fraud, i.e. someone in your household that has access
to your computer.


- Bil

On Thu, Mar 10, 2016 at 4:21 PM, Lee Glickenhaus <[hidden email]> wrote:

> Folks - this is an odd request for advice and/or referral.
>
> The upshot of my story is this:
>
> Several times over the past 8 months or so, Amazon orders not placed by me
> and NOT CHARGED TO MY CREDIT CARD, have appeared in my Amazon Archived
> Orders History.  In addition, the credit cards used to place these orders
> then appeared in my Amazon “payment options”, giving me the ability to make
> purchases on the credit cards of unknown people.
>
> I have provided all the details to Amazon and their response is that all
> these orders were placed by my computer while under the control of some
> unspecified malware.  They assert that all orders contain the IP address
> and/or other fingerprint (unspecified) of my machine.
>
> I know this to be false since I have spoken to people whose personal
> information appears as having made and received these orders, and they
> assure me that they indeed placed them from their homes and on the credit
> cards.
>
> But I’d like some expert consultation on how the “malware” postulated by
> Amazon might work, or if it is even possible.  I’m running Yosemite (all
> current patches) and am careful about opening attachments etc.
>
> Any advice or referrals to a Mac security expert that I could consult with
> are appreciated.
>
> Thanks
>
> lee
>
>
> #############################################################
>
> This message is sent to you because you are subscribed to
>   the mailing list Lasso [hidden email]
> Official list archives available at http://www.lassotalk.com
> To unsubscribe, E-mail to: <[hidden email]>
> Send administrative queries to  <[hidden email]>

#############################################################

This message is sent to you because you are subscribed to
  the mailing list Lasso [hidden email]
Official list archives available at http://www.lassotalk.com
To unsubscribe, E-mail to: <[hidden email]>
Send administrative queries to  <[hidden email]>