|
Quote:
anyways, im still wondering why they dont want to explain anything... |
Quote:
plus after this i scanned my machine with every program i found out there and nothing showed up.. it was clean. |
|
We are looking at this now, again. I will post the results of our investigation here if that's what you want. Is that what you want? We won't debate our policy or make changes to our policy based upon posts. If you or anyone want or need attention to your account, call CS. You have posted yourself that you were attended to quickly. That is the proper forum for discussion of account problems. However, if you want us to post our results here for all to see, we will. LMK.
C PS: EPASSPORTESUCKS.....You are a fucking coward. If you have something to say, why cover up with a new User Name? You're a bitch...and not in a good way. |
Quote:
so this person somehow got our user-pass at the same time.. oh PLUS this other webmaster doesnt use windows but only LINUX, and im sure that complicates things... |
Quote:
are you going to follow smokeys advice? Banks will often reimburse its customers when problems like this happen ( theft ) but they arent always required to , often they do it because its the right thing to do.. or simply to keep a customer and avoid bad publicity... I think epassporte should pay attention here and follow suit. if they want to be trusted like a real bank they should act like one |
ePassporte is not a bank. We will post our results here when he tells us its ok. Our policy is not changing.
C |
Quote:
2nd, yes i only want answers, me and the other webmaster want to know exactly whats going on.. and i think every client from epassporte needs to know as well what exactly happened, right? for everyone sake im sure. btw i was attended quickly by support the day i got hacked yes, but not after i requested information about what happened... took me 1 week to get a reply from anyone on epassporte.... plus i emailed account verification or something and they ignored my email... and all i got from epassporte support was that they couldnt tell me what happened.... and after that we were told that they had all the information about this person and what he did with the money but that they cant tell us basically because they make money from this and the only ones losing it us... or some lame excuse like that. and i dont think anyone is interested in protecting theifs right? theres no point. |
Quote:
|
Its about bloody time epass says SOMETHING
|
Quote:
Even if you wanted "permission to post results" you could have chimed in earlier. Good luck to THY in hopefully drawing out an explantion. I will not be using the service anymore. |
THY, I have one very serious question for you: Why do you have such a high balance on epass? I cannot understanding holding more than about twice your daily limit in there.
Keyloggers are everywhere, and often those people will use that information all at once... so perhpas they hit not 1 or 2 webmaster accounts but 100... but we only know of two. Perhaps they also emptied out 10 paypal accounts... who knows? Incomplete evidence means that there is no way to determine the source of these "hacks". As a side note, a "hack" would imply breaking the epass system to make it do something it wasn't intended to do. Alex |
wow, scary stuff.
|
Quote:
i didnt have 4500 in my account, it was me and another webmaster... they only took 2k from mine... now i usually have money there because i use it all the time, i take payments from clients and do webmasters payouts.. allso i know tons of adult companies keep in there big amount of cash. so really 2-3k is nothing big.. i dont know if they hacked or not i just want to know the truth but no-one had gave me any information yet. |
epasporte rocks :) i'm going to sent more $$ there
|
There can only be 2 possibilities: You either made the transactions yourself; or you have been the victim of a Phishing attack. The latter is what our data supports. Nothing, however, supports all of this ePassporte bashing. You have been in contact with our CS people and Risk people. Your issue is being addressed, as I will describe for the audience later in this post. I am, as a result of this post and a few others, changing our Policy regarding Board posts (see the end of this post for that information).
Now, to your specific issue: Assuming you were the victim of a Phishing attack, our policy is and has always been to return funds IF THEY ARE WITHIN OUR SYSTEM, if the fraud claim can be reasonably substantiated. We would typically believe that you were the victim of such an attack and your funds would be returned IF we could recover them from within our system. That is to say, if the funds were transferred to another eP client, we would roll back that transaction and credit your account, possibly blocking both accounts until the issue is sorted out. What happened here is that 1 hour after 2 transactions were run, you called the Call Center. The transactions were at a merchant outside of our system. The funds were gone at the point of authorization through the Visa system. Effectively we have to pay that (those) authorized amount(s). We have done so, as it is not even an option to not pay a Visa Interchange Demand. The answer as to how these amounts could be done in such close time proximity and in such ?high amounts? (they were $500 btw) is simple: You are an ePassporte Select Card Holder. You authenticated yourself and requested higher spending limits. These were all Virtual Visa transactions. They were fully authenticated with card expiry date, CVV2, address verification. This further supports a Phishing attack. As you know, the only way to access the ePassporte account is to have the User Name and Password ? none of the transactions you claim as fraudulent are P2P; they are all Virtual Visa transactions. The only way to complete a Virtual Visa transaction is to have ALL of the Card Holder data. Nobody in our company, not one single person, has that data. It is an outside, Visa approved vendor?s data base, not ours. The communications between you and us, when it comes to password authentication or changes to any data requires this vendor?s involvement for verification. They have not been hacked or compromised. This is a fact. And this is not an inside job, as some have suggested. In fact, this sort of fraud happens all the time, as I am sure you are aware from just reading any publication. We are fortunate to have had only a few cases of this at ePassporte. More importantly and most telling as to the fact that this is a Phishing attack: You share an IP with an ePassporte Card Holder that has been the victim of a Phishing attack in the past. All of this, to our Team, suggests clearly that you in fact are a victim to this type of fraud. Lately the fraudsters are sending emails asking you to click a link to get to the Message Center. We would never do this. Some people click the link and enter their User Name and Password without even thinking. There are many scenarios one could think of when understanding that you share an IP with a know victim?s machine or system. Again, had the funds not left our system, we would have been able to recover them and return them to your account. As it stands, the funds were properly authorized and are gone. Certainly you can understand that our policy must be as stated. If it were different, we would become victims of fraud, over night, with fraudsters attempting to spend funds and then recover. As you also know, we have begun our Dispute Recovery Process. Unfortunately you have stated to our Team that waiting for the recovery was too long of a process. Be that as it may, we are attempting to recover the funds. This is our procedure: to first go to the Merchant and ask for a credit, then go the chargeback route, although this is cumbersome. If we issue a chargeback you will get the funds credited to your account, however, the funds would then be blocked for your use in our system for several weeks or months, as this process is easily reversed by the Merchant by Representing the original transaction. As the transaction was fully authenticated there is a good chance a chargeback issued by us for you would not stick and the transaction would end up where you are today. So as you can see, getting a credit is better and faster than starting down a chargeback route, which could take up to 6 months. These are not our time periods, rather Visa?s. Those are the rules. We will however go the chargeback route, as you have claimed fraud, if we are unable to get credits. Getting a credit is difficult as well, again as these are fully authenticated transactions. We follow all Visa rules when it comes to these things. We are truly sorry for anyone that is the victim of any type of fraud. We do everything we can to help you avoid becoming such a victim. But given your shared IP with an admitted victim, we are pretty sure that this is what has happened. Again, we are sorry for the loss of your funds, however our policy is consistent with all Issuers of Visa cards and we are unable to recover your funds without going through the process described above. ePassporte is a trusted brand in the Adult space. We have thankfully only had a handful of these attack victims. We believe that we do a better job than most in protecting data security. Our track record is long and successful. We do not want to lose the trust of anyone, however, our policy is not going to change. Lastly, I want to understand why, when you know fully what we are doing to recover your funds, you would start a thread like this? I assume it is to try and pressure us into just giving you money. I hope I am wrong. I won?t reply to any more posts here, I think my answers and descriptions are clear and detailed. If you, or anyone, has a question about this or any other issue, please contact me via email: [email protected] I will always do my best, as will my Team, to answer Card Holder questions. But issues like these are not for discussion on Boards. They involve financial transactions, fraud, data and procedural security and the like. I am sorry that there are those out there that love to take shots at our CS and our operations ? it is easy to see their motives. All we ask is for you all to take a look around at the biggest and most respected names in Adult and they will all tell you that ePassporte is their currency of choice. We strive to do better everyday and we always welcome constructive criticism and positive advice from those that are not trying to simply tear down what they do not understand or can?t compete with, fairly. C PS: A new Board Policy is now going into effect: ePassporte will not post on any board or in any forum in response to Card Holder specific issues. We will be here to answer general, serious questions about our products and services. Keyser (Michael) will still be here daily, but will only post in threads as described above. This policy is to allow us to operate our business properly and professionally and privately. And again, I am always available by email. C |
Quote:
|
Is that an anserw looks more like your accusing him of stealing his own money, and he didnt start this thread to bash you stupid fuckers, he gave you guys plenty of time to resolve this issue. The fact is your system is shitty and there should be better steps to secure it. The fact that you wont even release the info of this guy without him having to pay for a lawyer is bullshit your pretecting the guy who stole from him. You are something I wish I could say but i do not feel like getting banned today. Epass is a fucking joke.
|
Breaking my own rule about not posting here, but its worth it. Joel, you are a fucking idiot to post like this. I expect more from you. READ MY POST DAMNIT! I am not accusing him of stealing his own money. Stop trying to bash and take a reading comprehension class. WTF man? Read my post!
I'm out. Nice weekend all.... C |
its nearly impossible for some of us to not keep large amounts of cash in epass certain times.
example... i have $2 in epass right now. sometime in the very near future i need to send $10,000 to a producer in budapest, i do this every month. i have to load my epass with 10k - i initiate the wire and wait for some undetermined amount of time for the money to show up.. sometimes it takes 2 days and sometimes it takes 5 days. and i dont get an email from epass by default that says "your money just showed up" so 10k sits in the account, if its only there for 5 minutes or 5 days i am equally as vulnerable. those of you who post 'epass has never screwed me' will sing a different tune the day it happens. personally, i am currently seeking an alternate method - its sad that it would be safer to fedex 10k in cash than use epass |
Epassporte still sucks Chris - glad you like my nick :321GFY
|
Chris please keep posting, i have questions... first what do you mean with this??
" More importantly and most telling as to the fact that this is a Phishing attack: You share an IP with an ePassporte Card Holder that has been the victim of a Phishing attack in the past. " sharing an ip with who?? what ip? i have no idea what are you talking about |
btw i make this thread to get answers, not sure who are you talking with but my account was hacked last week and i didnt get any information and the only time i got some help was to block my account.
PLUS if you see how many posts i have, you can easily noticed im not the kind of guy that likes Drama... i have business to attend but i dont like to waste my time working to later on get my money stolen.. |
you posted:
"The answer as to how these amounts could be done in such close time proximity and in such “high amounts” (they were $500 btw) is simple: You are an ePassporte Select Card Holder. You authenticated yourself and requested higher spending limits. These were all Virtual Visa transactions. They were fully authenticated with card expiry date, CVV2, address verification. This further supports a Phishing attack." im not sure if i understand, this person daily withdrawal limit was of how much? 5k ? or he didnt withdrew the money but spent it online? btw do you know something about this person? is him a webmaster? from where is he? |
i would realy appreciate if you keep around and reply to my questions.
thanks again. btw, you are 100% confident that the epassporte security is the best? dont you think it could be better to find a way to protect its customers? i mean lets say i had an E-Identifier for my epass account... that would solve all the phishing problems and passwords stealing etc.. right? Epassporte is the only company providing this service so no-one can push you to make it better but yourself.. |
or even better, charge the E-Identifier cost to us... i would pay for it for sure..
im the only one taking the hit here but i honestly dont think thats how it should be... you even made money out of this and i not only lost the 2k but also had to pay 40 for my new account... lol |
Ok, complete 100% outside observer here.
THY, it looks like what Chris is saying is that the person has ALL of your info. Epass username, password AND Visa number, expiration date and CVV2 number, your physical address.. everything. (Ouch, that sucks!) :( Also, he said that they were all Visa purchases. IE: Someone BOUGHT 4 products/services worth $500 each, draining your $2000. There is no Visa spend limit per day is there? Only an ATM withdraw and P2P limit? That would explain that if so. Anyway, I say good luck to epass to get those merchant(s) to acknowledge that they were fradulent (before they got to the merchant) transactions, and to allow the charge backs. Maybe a bank rep. could help if they know the amount of funds daily that you're dealing with. |
hi Tom,
im not sure if thats what he meant? if so please chris can you confirm that this person has all this info... also i didnt know that you can spend 4500 dollars with the electron card in 1 day.. is that right? |
Quote:
Quote:
OR, like Chris suggested, maybe you have a keylogger trojan that is hiding itself very well. Or clicked an email to a fake site in a weak moment, only you would know.. Or something else that I wouldnt know. In any case it's best to close any holes you DO know about or can at least check before proceeding. As to what the spend limit is on the Visa, I have no idea! It should be in the FAQ or something I would guess. I dont have an account so I can't help you there at all. I think I've only heard about withdraw and transfer limits, maybe there is no spend limit if you're BUYING something. (how could there be though? What if you want a plasma tv or new computer with your $2000? You should be able to just go buy it) |
no public network, no wireless...
i didnt click any email trust me, i know that kind of tricks... trojan-keylogger: i already checked many times with different programs and nothing so far.. and about limits, i know i have a daily limit to spend with my card... but thats me i dont know others.. the stuff about the IP is very confusing, i have no idea what is he talking about really... whoever told him that is wrong. |
onehundredfiddy
|
if these were virtual visa transactions, meaning that the money was spent online at a merchant, the user would not have to have all the cardholder's info - just the name, number, expir. date and numbers on the back of the card. any merchant who has run a card for a transaction may have all of that information and so might their employees.
they wouldn't need to log into the account - i don't when i buy domains with our virtual visa. seems to me that if the merchant who accepted the card in good faith has the ip number of the user, and it isn't in a similar area to where the actual cardholder was at the time, that's the beginning of a chargeback or even legal action from epassporte and/or the cardholder. |
so there was a chargeback done for the purchases or not?
even if it takes 6 months i will get the money back at some point... |
Quote:
From a security standpoint (as well as being able to prove your business expenses in case of an audit) a check is always better than a wire to a an electronic payment system... after all, did you buy content or play poker? Not bashing epass, just being practical and using the tool at the level it was intended for. :) Alex |
I'm confused. If the details from my Visa that my bank has given me are stolen then the bank reverses the charges, gives me a new card, and contacts law enforcement to hunt down the offender. If the Visa details associate with an Epassporte account are allegedly stolen then Epassporte blames you, refuses to refund any money or give any details on the thief, then gets all shitty and refuses to answer any more problems on the forums ever?
|
If I had to guess what happened based on what's been said, THY's machine was/is compromised by a backdoor. That person is probably running a keylogger and used his machine as a proxy to log in as another epass user in the past. They either captured his info from keylogging it or it was left in local file on his machine.
From there, they made virtual visa transactions to an online merchant, thereby bypassing the withdrawal limits as those effect cash transactions and not purchases. Backdoors essentially let someone run any software they want. They can run a keylogger to capture local keyboard input, they can run an http proxy that will route all their web traffic through the infected computer's internet connection, they can use your machine to send spam, all sorts of nasty things. If what Chris is saying is correct, they don't have THY's visa/cvv2 information in house, it's authenticated by a third party, which is pretty common. This rules out anyone gaining access to that data via hacking his epassporte account and also rules out an inside job. In this case, epassporte's security is really not the issue as it wasn't the sole factor in THY losing money. Access to his Visa particulars was. |
i'm no expert on this, but if a store takes a fraudulent credit card sale then the loss is down to the store not the card holder? surely the same applies to a "virtual visa card" or am i missing something?
|
Quote:
|
i know what backdoors are and how to detect-avoid them...
i used to play jokes on ppl computers when i was 16 through irc using trojans and that shit... im not new to this.. in any case i still think theres information missing from epass... |
scary stuff...Its impossible to not keep money in epass...I can only take out 1k per day. Say I get a 10k payment I cant take it out for 10 days!
|
| All times are GMT -7. The time now is 03:44 AM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123