Theft of E-Gold - the perfect crime

Earlier this month I bought £140 of E-gold; I made a few spends but when I logged into my account a few hours later the rest was gone, a character named zhou, account 2914702, had siphoned it off.

I contacted E-Gold and they put a block on his account, which means that he can't receive any more funds, although he can still spend his ill-gotten gains.

The long reply I received from them was ultimately unhelpful; they seemed to treat this as a civil matter rather than a crime and told me they couldn't disclose any information about him without a warrant; I was advised to contact my local police. I contacted the national police fraud alert who referred me to local police; the latter ignored my faxes after my phone calls were cut off. Eventually I managed to make proper contact and after speaking to a WPC and a detective I was told the British police had no jurisdiction and was advised to contact the British "Embassy" ie High Commission in Bermuda. As E-Gold is based in Bermuda the crime was committed there.

The following information was given me by E-Gold

The spend was made from ip address '69.143.136.149' on 2006-06-02 @
08:27:36.000 (this is in EDT)
The automation was enabled from ip address '86.144.184.151' on 2006-06-01
11:39:32.000 (this is in GMT)
The AccSent security was disabled from ip address '86.144.184.151' on
2006-06-01 11:39:32.000 (also in GMT)

It appears that a public computer I used had been infected with some sort of E-gold Trojan or virus and this allowed zhou to hack my account.

I've been told I have no claim against E-Gold, and have little chance of this crime being investigated properly and even less of getting my money back.

Anyone using E-gold, please don't use public computers; use your own machine and only that, and make sure it is clean.

I didn't really care about security before. I thought that everything was okay. I mean, I had Norman anti virus and no virus really harmed me before so I thought nothing can happen to me. Later on I lost 60$ because of a hacker.

When I logged into e-gold one day the normal screen didn't come up, and instead some ‘turing’ numbers showed up once more. I wrote them and when I eventually came to my account it took a few minutes and then it was empty left with a few cents. The virus checks out if you write "e-gold.com" and when you do, and log in to e-gold it opens a hidden window that you can't see. Then it simply sends money from your account and over to the hackers account!
So be aware of this and NEVER use internet explorer, that’s where this happened, I couldn't find the virus so I reinstalled my entire software just to get rid of it. Unlucky there is nothing to do about money lost with e-gold as they won't allow chargeback.

There is a "virus" that infects your computer when visiting infected websites in internet explorer. Then the virus open an invisible screen the next time you open e-gold.com, and make a fraud payment to the scammers account. In this way there is no need to either have your IP or e-mail. They won't even need your e-gold password or account number. The hacker will see payments going in to their e-gold account. And when their account get's limited they easily create a new one. (I do not guarantee this is EXACTLY how it works, but something very close to it).

So I have written some tips you can use to make sure this won't happen to you and trust me, you won't regret having security even if it's very boring.

1. Make sure you don't use internet explorer when logging into your e-gold account. Use firefox or another similar browser.
2. Always use SRK (keyboard using mouse), it’s a lot of hassle, but you won't regret!
3. Use long and difficult passwords to remember: 1fj_f5*rice9 for example
4. Have your e-gold security on MAX
5. Use different passwords on e-gold and the e-mail
6. Have one "safe" account and one "risk" account. Use the risk account when making payments and store your gold in the safe account.
7. If you have been infected with the very common virus this days you can try to login to a "fake" e-gold account (in INTERNET EXPLORER ) just login with account for example: 1294904 and use password: ‘idontlikeyou’ and enter correct turing numbers. If you have been infected the turing number will show up once more on a page with nothing else. If you are infected there is no other way than to reinstall your computer, that is, if you can't find the virus.
8. To be on the very safe side I would recommend you to use another computer or a virtual computer (WMware) when login into your safe account.
9. Make sure you have entered e-gold.com and nothing else. Bookmark it to your favorites.
10. Never click links in emails from egold.
11. Never open mails you don't know.
12. The chances of being hacked are real 24 hours. I hope this can help you not to get hacked, but as a final rule.

Never store more gold than you can afford to lose!