Finally got my account back last night. I went off the deep end when I got an ad in my email for a bunch of Halloween type stuff yet they couldn't respond, within a day and a half, to my requests regarding my suspension. I tried to reply to the ad with an angry letter about the nerve they had to be able to send such a letter while not having the ability, in a reasonable amount of time, to respond to my requests for assistance on a security matter. I only got an autoreply that told me to contact Customer Service. I did that and got an email in seconds, again autoreply, that told me to send in, (FAX), my Drivers License or other government ID and that it would take 48 to 72 hours. Further, it said not to reply by email to the request for information as it would just add to the time that it would take to reactivate my account. Again, they refused to give any specifics about why I was suspended other than it was a security measure and they will not discuss their methods or how or why they detected a breach.
Totally fed up and with absolutely no patience left, I went back, the long way, through their website, to avoid any spoof type pages, and got to their Customer Service "Trust and Safety Department". This time I noticed that the "LIVE HELP" option was available and I selected that. I was originally told 5-30 minutes but once connected the timer ticked away from 45 minutes. I was probably waiting for about an hour.
Finally connected to a CS person I indicated my anger and frustration and she told me that she could fix things right now. She still wouldn't give any specifics other than they believed someone hacked my password and added that "A third party had accessed my account". To confirm my identity she asked a question about an auction that I had won last March. I looked in my email records and of course, that was when my old computer crapped out and I had to buy a new one. The data she was looking for was not on my current computer. As Jill said in a recent post about the dog and a skunk, "Close Encounter"??? Thank god for my good memory. I thought hard regarding 2 or 3 similar auctions and was able to give the correct answer.
After authenticating my identity she told me that I was going to have to change my password and that she would send me a letter telling me everything I needed to do along with one discribing the reason for the suspension. I got mail telling me to go create a new password and a new help question in case I forget my password. The letter explaining the reason for the suspension was the exact same general, We detected a breach in your password and to protect you from unauthorized use of your account suspended you. No further details or explaination. They indicated that among possible causes of this could have been someone guessing my password, I doubt that, I always thought my password was a little tough. Someone would need to know me pretty well or have dealt with me closely to have guessed that password. A Virus or Worm that detects and records keystrokes from your computer and can hack passwords. I do a weekly scan and have automatic Live Update with my NORTON and Windows XP, so I know my system is clean. I also have a firewall so that someone gaining entry to my computer would have been unlikely without me knowing about it, and finally Spoof mail which I have been aware of from reading here and all, and which I have been on top of and definately didn't respond to.
I did have a run in within the last couple weeks where I was a target of that worm that was going around. I was getting about 100 emails a day either trying to get me to open a Microsoft Security Patch or Internet Patch, Secuity Update Internet Security Patch.... Dozens of emails a day telling me of undeliverable mail most of which contained attachements of the .scr .exe and mostly .mim varieties. Many of those Mailer Daemon letters were Virus warnings that email that I had sent, To strangers I might add, contained the known virus/worm. I never sent any of that mail. I never opened any of them though other than to read a bunch of the returned mail letters when I was writing complaints to AOL. When I would attempt to open others I would get the alert about embedded script(?) or links and would not open those. My NORTON was fully up to date during this and I had run it at least 3 times in the first days of this bombardment.
Incidentally, from my reading and actions during that episode, it is my suspicion that nobody ever really breached my accounts. They may have harvested my email address from USENET posts. After a small flurry of the Mailer Daemon letters a few days prior to the main bombardment, AOL suggested that, in case my account had been hacked, I should change my password. I continued to receive this letters, a couple here a few there. Low enough levels that I could deal with them. Then BANG, I got 44 of them in one evening while I had left the house to go bowling. Emptied my mailbox and went to bed. Next moring, 60 more of them were in my mail in just the few hours that I slept. Over the next few days I was pelted with all this crap. Now, I am still getting maybe 2 or 3 of these mails a day.
Could this all have had something to do with that? Could that worm attack and my eBay problems be related?
This is all a bit scary and concerning. Hopefully it is all behind me though.
Thanks for all the help from those who responded to my original post. One thing that eBay suggested is that it would be good practice to change your passwords around every 30 days or so. I am not that creative. I don't know if I can think of that many passwords without confusing the hell out of myself with all the passwords I will have to remember. I suppose it makes sense though. Will have to try and figure out a way to do that.
|