Solved

several back to back Amazon.com unauthorized purchase invoices within email inbox

Posted on 2013-12-18
10
661 Views
Last Modified: 2013-12-22
Hello and Good Evening Everyone,

           Tonight, I was shocked and shook up to see several back to back unauthorized Amazon.com purchase invoices for different merchandise within my AOL email inbox.  Interestingly, each invoice only indicated zeros for the amount of purchase, balance due, and so forth.  Afraid that someone may be trying to use my MasterCard debit card to make these transactions, I immediately logged into my checking account and found relief knowing there were not any unauthorized pending transactions.  

             Figuring this internet security threat was due to malware, I began using a couple of cleanup tools.  First, I used the latest version of CCleaner to remove all unwanted files and to check the registry for invalid entries.  And, secondly, I used the latest version of Malwarebytes which did find 2 threats.  When I clicked on Show Results, the date of the infected objects did match today's date in which the mysterious Amazon.com purchase order invoices appeared.  With respect to more detailed information about the infected objects matching up to today's date, the following paths were given:  c:\Users\Leonard\AppData\Roaming\OpenCandy.   Also, there was another path given which was c:\Program Files\x86\Conduit\Community Alerts\Alert.dll and there was an infected registry key as well.  At any rate, I went ahead and selected Remove All and restarted the computer so all threats found by Malwarebytes could be removed.  Once the computer was restarted, I did open Malwarebytes back up and deleted all stored infected objects within the Quarantine tab.  

               Based upon what has been done and checked on, is my desktop safe now?  Or, are there other utlities or things which should be done for further protection?

               Any followup thoughts to this concerning security issue will be greatly appreciated.  I will look forward to reviewing everyone's shared input.  

                Thank you

                George
0
Comment
Question by:GMartin
  • 5
  • 5
10 Comments
 
LVL 82

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 500 total points
Comment Utility
All of Conduit should be removed, it is known malware.  Since we don't know where you go on the internet and what you click on, I can't really say that you are safe now but you have done the things that I would do.  I would also remove all toolbars from all browsers.  They are all spyware and some invite unwanted programs to your computer.
0
 

Author Comment

by:GMartin
Comment Utility
Hello and Good Evening

          Thank you so much for the feedback.  I do have a few followup questions.  First, I am still getting several more Amazon purchase invoices within my AOL inbox.  I do have a spam folder which I can redirect these too since these are illegitmate emails.  However, I do online business with Amazon though.  If I redirect the unwanted Amazon emails into my spam folder within AOL, would it accidentally redirect any future "legitimate" Amazon emails to the spam folder within AOL?  The reason I ask is because I did make one legitimate purchase earlier this evening before the problem began.  And, secondly, I have a question about a strange occurance with a Kindle HD which was purchased as a Christmas present for a friend.  When my friend tried out her Kindle HD tonight, it has my name, George on it or George's Kindle.  Of course, the Kindle HD was purchased from Amazon about 3 weeks ago, long before tonight's problem.  At any rate, do you think there might be some connection?  If it would not be too much trouble, could you give me some instructions or perhaps a link outlining the steps for changing George's Kindle to Kathy's Kindle?  

             In closing, I apologize for so many followup questions here.  But, there are a lot of strange things going on here which I am not clear on.  Any guidance on these followup matters will be greatly appreciated.

            Thank you

            George
0
 

Author Comment

by:GMartin
Comment Utility
Hello

           Oh, just one more thing.  Should I also change all passwords now?  And, do you think I should have a new debit card with a different number issued to me?  From what I can tell, my actual bank account has not been jeopardized.  So, that part might not be necessary.

            Thanks

           George
0
 
LVL 82

Accepted Solution

by:
Dave Baldwin earned 500 total points
Comment Utility
Usually, emails like that are trying to get you to click on something so they can get your account info.  Have you checked your actual Amazon account?

I have no idea why the Kindle has your name.
0
 

Author Comment

by:GMartin
Comment Utility
Hello

           To be perfectly honest, I have not checked my actual Amazon account.  Since I have not changed my password to it yet, I have been somewhat hesitant about doing it.  

             George
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
That would have been the first thing that I would have checked.  Amazon keeps records of any orders that are placed.  Plus you have to login to change the password anyway.  ??
0
 

Author Comment

by:GMartin
Comment Utility
Hello

           Your suggestion to check my actual Amazon account certainly did spark much curiousity within me.  So, I decided to log into it and this is what I was able to determine.  Everything within the area of Open Orders is normal and does not reflect any unauthorized purchases.  However, when I investigated the area of Digital Orders, I did see about 2 pages of items which was also noticed within each of the mysterious Amazon emails.  I am not exactly sure what a digital order is, but, each item within it was a kids game categorized as an app for android.  Zero was the amount given for each of the apps for android.  My friend who was given the Kindle as a Christmas present did mention that her son was playing around on it tonight which makes me wonder if somehow all of this might be connected in some sort of weird way.  It seems like the more I think about this entire situation, the more confused I get about it.  

              I hope this additional information helps in any further attempts to understand and correct this situation.   Just so you know, I have not clicked on any of the links within the opened Amazon emails.  At this point, I still should be safe, I think.  

              George
0
 
LVL 82

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 500 total points
Comment Utility
Since it seems that the Kindle is tied to your account, it sounds like the kid found some free downloads and got them.  If the order info on Amazon matches the info in the emails, I think you have discovered what happened.
0
 

Author Comment

by:GMartin
Comment Utility
Hello and Good Evening

          Thank you so much for your followup suggestions.  Upon checking my purchase history within my Amazon account, I did find the entries to match what was sent within the emails.  I was extremely pleased and relieved knowing these were not unauthorized purchases and free app downloads.  Instead, the Kindle was synched to my Amazon accout either upon purchase or during setup by my friend.  I am not sure how all of this  happened exactly, but, at least I have a picture of what is going on.  I am in the process of trying to resolve some other kinks happening with the new Kindle given to my friend.  Hopefully, everything will eventually get ironed out.   Just in case you might be interested in checking them out, the open question links are as follows: http://www.experts-exchange.com/Hardware/Misc/Q_28323896.html  and http://www.experts-exchange.com/Hardware/Misc/Q_28323894.html  If you can not get around to reviewing my other open questions, that is fine because you have already been of great help to me anyway.  

             Thanks once again for getting me in the right direction.  Hope your Christmas holiday is a good one.

              George
0
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
You're welcome, glad to help.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
End Point Protection 11 70
McAfee Client Proxy Removal 15 44
antispam / virus gateway 5 46
turbotax on windows 10 56
For those of you actively in the Malware fightling business, we now have available an amazing new tool in the malware wars (first recommended to me by rpggamergirl (http://www.experts-exchange.com/M_3598771.html), the Zone Advisor for the Virus and …
The purpose of this Article is to provide information for a newly released variant of malware – with the assumption that many EE Members will have need of the information. According to “Computerworld”, well over one million web sites have been co…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now