Find this page online at: http://developers.evrsoft.com/article/web-development/computers-internet/hacking-paypal-stormpay-or-e-gold-accounts.shtml

"Hacking PayPal, StormPay or E-gold Accounts?"

By Saqib Ali
Posted Sunday, December 19, 2004

Close your door! Off hook your telephone! Cancel all your assignments! You are going to read the most sensitive information about your StormPay, Paypal or e-gold accounts. If you miss today, you can lose every penny from your accounts or even may not have access to them tomorrow. Monsters of cyberspace darkness are after you. They shall catch you one day if you don’t know all the tips given in this article.

Are you *feeling* Insecure?

You are not secure on internet at all. Whatever safeguards you develop, the hackers shall maneuver new techniques. However, you can feel much secure if you know: What is the SSL? How hackers intrude into your secure account? How to avoid financial loss?

What is SSL Server?

Secure Socket Layer (SSL) means a standard for establishing a secure communications channel to prevent the interception of your critical information. Primarily it enables secure electronic financial transactions on internet. All money processing companies such as StormPay, Paypal, and e-gold etc use the most secure socket layers at their servers. Hackers with their extreme skills and powerful computers (theoretically) can’t intercept your communications with these companies. But you might have experienced or heard that hackers have been accessing secure sites. Millions of dollars are drained every year from processing accounts.

How the Hackers Break Into Your Secure Accounts?

Hackers have been developing horribly sophisticated skills to access your secure accounts. If you are a programmer you may like to develop anti-hacking software. However, if you are a common man like me you can make yourself securer if you don’t let them access to your password. In most of the Paypal hacking incidents, people provided their secured information willingly to the hackers without knowing it.

1. You Send Your Secure Information Through Email:

Email is insecure mode of communication. It can easily be intercepted. So it is dangerous to send your secured information through email. However, it is last nail in your financial coffin to send your user id and password directly to the inbox of a hacker.

How is it possible?

You receive an email from Paypal admin that due to some technicalities they have messed with your account. They ask your user id and password to fix the problem. You see that “From” field contains anything@paypal.com . You have nothing to fear and send your information directly to the inbox of a hacker who is misrepresenting as admin of the Paypal. There are programs which can hide real contact of the sender with some fake email address.

2. You Disclose Your User Id and Password to Hackers at their Websites.

It is stranger but it easier than the previous one. You receive a security alert from Paypal which requires you to log-in through the link or provided with the email. But in 100% cases that URL or form shall take you to some fake website that shall look like that of Paypal. You supply your user id and password but the log-in page of the Paypal re-opens.
Alert!

You have been hacked. Don’t think that you had mistyped your password (which we often do). Log-in to your account and change your password immediately.

3. You Pay hacker to Break in your account:

You may term me crazy but it is the most dangerous strategy that hackers use. They build a business-like website and put some products for sale. You visit their site, select a product and click the payment button of any company. You may land at a fake website having copied web-pages of the concerned company. You try to log-in but that page reopens. Not having Paypal hacking idea, you submit your information now at the real site to pay him $20.00 for the product. Next day or after some time you may find your account empty.

4. Misspelled Domain Name:

Anybody can get a domain name registered for a few bucks. The hacker shall simply get a domain name closer in look to the any of the money processing companies but with different spellings such as stompay, paypla etc. Now it is matter of time. Whenever you make a typo (we do often), you shall land at this fake website. Thinking it genuine one, you put your secured information in the hacker’s files.

How to Avoid Financial Loss?

You are responsible for security of your password. You can avoid major financial losses if you take following pre-cautions.

Change Your Password Frequently:

You don’t know whether your last deal was with a genuine businessman or a hacker. Even if he is a real business, it will take only a few seconds to change your password after each transaction. If that is not possible then change your password at least once a week.

Never Email Your User Id and Password:

Whatever reason the president of your money processing company may quote, never send your user id and password to him via email. In fact the company does not need your user id and password to fix any technical problem.


Never Log-in from links in Your Email:

Never log-in your money processing account from any link or form that you receive through email. In 99% cases you shall be hacked.

Look for a security lock at your browser before Logging in. Whenever you process your money online your browser should display a security lock icon. In the case of Internet Explorer it appears at lower left part of your window. If you don’t find such a security lock you are at risk. That is not original website of the company.

Always log-in from Your Favorites Folder:

To avoid typo mistake, you should always log-in to your money processing accounts from your “Favorites” folder. You MUST Type URL of the company very carefully for the first time. After that whenever you shall visit the site from your “Favorites” folder, you shall reach to the genuine site. If you are too green, it is very easy to add a site to your “Favorites” folder. Just follow these steps if you use Internet Explorer:

Click “Favorites” at top menu bar of your Internet Explorer. Click “Add to Favorites” from the drop-down menu.
A new window shall open. Click “New Folder” and name that Accounts. Select your “Accounts” folder and click O.K. It is done!

Always Log Out after completing Your Operation:

Many people lose their money simply by not logging out from the secured sites specially at public terminals. There is nothing wrong if you develop habit to log-out every secured site even at your home P.C. You don’t know when your children may mess with your accounts innocently.

Watch Out For Cookies:

Most of the money processing companies put their cookies at your computer when you visit them for the first time. Whenever you re-visit your account, you shall see your user id field already filled. Just enter your password and you shall have access to your account. However, no false website shall display your User Id upfront. But it doesn’t mean that every secured site which does not show your id is false. You may have lost your cookies for one reason or the other. However, it is good to be watchful.

Always Opt for Email Notification for Each transaction:

When you create an account with any of the money processing companies, always set your preferences for email notification per each transaction. If somebody transfers money without your knowledge, you shall get an immediate email notification. You can contact the company admin and they may be helpful in some cases.

9. Always Use Complicated Passwords:

Sometimes hackers use codes to break into your secure accounts. It is much better to use complicated passwords which not only include digits but also a mix of capital and small letters.

Whatever measure you adopt, you can’t guarantee that your secure accounts shall not be hacked. The best advice is to keep as little money as possible in your money processing accounts. If your accounts are hacked you shall lose very little.

10- Don't Give Your Downloadable Return Page

I have seen some newbies providing their download page as their return page for the StormPay button to make the access INSTANT. It is dangerous because StormPay shows your return page in the source code of your web-page. There is particular part of a StormPay payment button at my website:

If your return URL is your download page for 'INSTANT ACCESS" anyone can download your products without paying you a penny. Some people have reported such type of problem with the PayPal too but I don't use their services so I can't comment about them.

About the Author
Saqib Ali publishes weekly electronic magazine for home based business owners. Visit (http://www.1stonlinebusiness.com) or send an email to saqibali@wealthysecrets.net?subject=TRAart to subscribe "The Homebizine" and download “Answer to Money, Time and Traffic” *Absolutely Free*. Also download bonuses of $125.00 free.