Ok this is a rough breakdown for now of what I KNOW.
We zoom back in time to a laptop that suffers from a keyboard that has certain keys on that dont work (happens to all my laptops! why?) even if I use a USB keyboard the same keys just dont work. I so stopped using the laptop and eventually got another cheap replacement.
On that laptop was a program called thunderbird (email client), it was configured to download emails from a email account I set up a long time ago, I never bothered adding it to the newer laptop or pc, I used the email address for this site and as it turns out I had also used it for making an account in my dads name for Amazon.
I rarely use Amazon I normally use ebay and for books I prefer Abe books, however as I posted a while back I got a great deal on what was essentially an all but new AOE 3rd ed really cheap off Amazon. I signed into Amazon on the PC and didnt bother checking the laptop emails, to be fair I had totally forgotten I had used the email address to set up Amazon ages ago.
I have no idea how this all connects yet so i will just give you the time lines and what I did.
The laptop run unbuntu and as far as I know there is no known malware for it at the mo.
I know There is a mac virus connected to TRANSMISSION torrent client, it was on the official Transmission download site. I have a sneaky that That there is also one for one of the lnux thunderbird updates but cant find any confirmation of this.
I got the book and a few weeks later we got an Amazon prime card in the post in my dads name, I thought it odd but didnt really take much notice. It asked me to register the card but I saw no point and didnt bother. Now I am aware happy crooky are used for promos on Amazon and Amazon prime is a very similar scam to the one happy crooky run.
I needed to use the old laptop and while I was on it it updated the system and thunderbird, it also downloaded ALL the emails on the email server I dont bother with, this is where I dont know what or how its done, but my suspicion is the malware was on the email server or on the thunderbird update, it had only two avenues one was to clone a ETO email and one was to clone an AMAZON one, I have never asked for an Amazon Prim card (free trial) so thats a bit odd in itself, the ETO email offered me a deal claiming it was because i was a long standing member etc etc. It had real ETO links to the forum and Facebook, so I clicked on the link and fill out the details (why not i trust eto?), it asked for proof of age and a nominal fee of £1, this seemed reasonable and I came up against this alot online, its one reason my mum has an account in her name that only I use. Some of things you have to be 18 to buy are stupid, I also run a company in my mums name and need to buy chemicals so all this is done with the same card, my mum then takes money (if there is any) from the real company account and put its in the bank account I use. For protection and safety the bank account is a very simple one, no cheque book, no overdraft no benefits just a debit card.
The idea is money can go in the account and be moved to the real company bank account almost tstraight away without giving out the details of the company account, as this account does have a small OD facility (£300). It also means if I need to buy something online I can put money in from the company account to cover the purchase and be safe in the knowledge that if something goes wrong the account dosnt have a overdraft and the bank will simply refuse the payment.
This is where the bank failed! For the first time in 3 years it actually honored 3 payments with no funds in the account! they say its because of the way the payment was presented and the company being offshore (happy crooky). I think they just fcked up, and now they are telling us they cant use the distance rules to get the money back??? But they are waving the fees for being overdrawn without an overdraft.
This will be a battle with the bank, but seeing as its owned by the TAX payer (RBS) then I wont give in until they give me back the money! Actually apart from £72 there was no money in it, so the stand off is I am not paying the overdraft. the £72 was for a purchase i was making, as it turns out happy crooky got it instead and although the bank could see 2 other payments to them due to go through they said they couldnt stop them.
So how do you protect yourself?
Honestly there is only one way in the end, as much as we love ETO and other places and as much as they love us, there is one simple fact, there is no such thing as a free lunch, if the deal is better than good then your getting weed on and being told its raining
. No one including ETO is going to give you a deal too good to be true. I wish I could be more helpful and tell you what to look for, but seriously unless you get one email a day and can sift through all the headers and delve deeply into them, then the one and only thing likely to protect against this kind of attack is the above advice.
Maybe if your not sure pm or ask in a thread if ETO or whoever are running a promo with X company, not too much else you can do. People say read the user agreement, I did or at least i thought the blurb In the box I ticked was the T&C's but they wernt, one simple line got me...........Subject to the FULL T&C's, its down to you to actually check what you have read and agreed too is the full T&C's, then even if you go looking for them dont expect them to be easy to find, again this should ring alarms bells, finally when you find them look at it this way.............
Why 500 pages for a £1 transaction? dosnt add up so walk away, I didnt look at it this way before so hopefully my hindsight might help you in the future. One last thing....
NEVER get smug and post about screwing over the scammers online and how you never get caught
, humility in all things or murphy is gonna bite
.