The e-mail attemptes to scare you into thinking your e-gold account was deactivated and gives you a link to correct the issue. This is entirely false, e-gold has NOT deactivated ANYONE’S ACCOUNT. Go ahead and delete the e-mail, or better yet, forward it to the US-CERT and then delete it. For more information about e-gold, read my e-gold tutorial.

Here’s a copy of the e-mail:

This email is to inform you, that we had to deactivate your e-gold account access because we have been notified that your account may have been compromised by outside parties.

Our terms and conditions you agreed to state that your account must always be under your control or those you designate at all times. We have noticed some unusual activity related to your account that indicates that other parties may have access and or control of your information in your account.

These parties have in the past been involved with money laundering, illegal drugs, terrorism and various Federal Title 18 violations.

Account access will remain disabled until this issue will be solved. If you are the rightful holder of the account, please click on the link bellow and log in to your e-gold account.

https://www.e-gold.com/acct/login.html

The link will take you to our Account access page.

Please be aware that until we can verify your identity no further access to your account will be allowed and we will have no other liability for your account or any transactions that may have occurred as a result of your failure to reactivate your account as instructed above.

From: accounts@e-gold.com

We are contacting you to remind you that on 06.20.06 our Account Review Team identified some unusual activity in your account. In accordance with e-goldВґs User Agreement and to ensure that your account has not been compromised, access to your account was limited. Your account access will remain limited until this issue has been resolved please log in your account or click on the link bellow:

Click here to activate your account

As always, be sure to take all e-mails very seriously, as your security can be compromised simply by clicking a link.

For more on protecting yourself online, read more about security here or at e-gold’s security page

To prevent your money being taken by a hacker in this way, find the program’s e-gold account number posted on their website and manually paste it into your e-gold’s “Spend” page. Avoid using the automatic e-gold payment link just in case it has been hacked. If you are redepositing, check your e-gold “Transaction History” to see the program’s old e-gold account and verify that it’s still the same.

To check if you have the trojan, please follow the steps below.

• Check your computer for two files in the C:\Windows\System 32\ directory named “gdiwxp.dll” and “gdiw2k.sys“
• Check for a program installed in the C:\w directory
• Log onto e-gold.com by manually typing the URL into your browser and click “Access Your Account.” If you are redirected to a “Login Confirmation” screen asking for the touring number, please DO NOT type it in.

If your computer has any of these symptoms, you need to take steps to remove the files immediately. Please DO NOT use your computer at this time to process any sensitive information including passwords, credit card numbers, SSNs, or even confidential documents or e-mails. This trojan has so far only been reported for changing e-gold security settings, but who knows what else it may capable of.

To remove the trojan, download “Security Task Manager” here. The files and/or directory will not delete manually, so use this free application to remove them from your startup registry and then delete them. Most other programs, including North AntiVirus and Lavasoft’s Ad-Aware, will not recognize the files as infectious and will not delete them. For more information on removing the e-gold trojan, please refer to this thread at TechGuy.org forums.

Please feel free to comment with any information you have about this serious matter and I will update accordingly.

Thank you to Chastech over at Trinary’s HYI and Gambling Blog for this warning.

The phishing HYIP will instruct you to change your e-gold account security settings to allow automated access to your account from any IP address. Traditionally, e-gold will remember your “home” and “work” IP addresses and only allow those IPs to access the account. Next, a spoofed deposit page will allow the scammer/hacker to aquire your e-gold ID and password. Because of the authorized access from any IP address, the hacker now has complete access to your account.

Two simple precautions you can take to prevent this from happening to you:

1. Always login to your account by manually typing the e-gold.com domain name, and always send e-gold to the HYIP/auto surf through the “Spend” form
2. Never make changes to your security settings just because an HYIP instructs you to do so.

For more on e-gold account security, read my e-gold tutorial or e-gold’s security page.

Dear E-gold user!

We are sorry to inform you that our automated system Fraud Block got noticed the fraud activity on your account in Egold. The system scans all the accounts to find out any suspicious transaction. That’s why after finding some suspicion transaction account getting blocked for 3 days.

You can do it right now yourself using the address given below for deleting your account from Suspicious list.:

https://www.e-gold.com/fraudblock/security/login.html

If you aren’t logged to your account in 3 days it will be blocked for further verification.

Your sincerely,
E-gold Security and Fraud Department.

Beware that if you receive a similar e-mail, it is a phishing scam! The URL goes to a hacker’s website NOT e-gold.com – using your mistake to steal your password or infect your computer with a trojan horse.

The e-mail address and name are spoofed, but exactly the same as a legitimate e-mail from e-gold. So could I tell it was a phishing scam? Hover your mouse over the URL and you can see where it actually points, this e-mail had the link going to a site with a similar name to www.e-gold.com (I won’t post the original for security).

I suggest quickly reading over e-gold’s “Security Recommendations” page to get some more information.

…here is a video made by the hacker showing undeniable proof that [StudioPay] was indeed hacked and that they do have personal information from over 350,000 members of [Studiotraffic]. There are black bars in the video so as to prevent personal info of members being leaked out.

A blogger who spooked TalkGold users with his impersonation of John Horan, the administrator and owner of Studiotraffic, has created a blog with some shocking news included. Among the eye-opening articles is a video showing the world that Studiopay, Studiotraffic’s payment processor, was indeed hacked. Although the legitimacy of the video and the arguments of the author are unknown, he/she presents some interesting arguments against Studiotraffic and its owner.