What can I do about this?
Okay, so long story short, I got my boss from my last job to make me a virtual machine that I can connect to using remote desktop.
I haven't used the remote desktop since the end of July. My gmail got disabled randomly and then I remembered that I have my gmail logged in on the desktop. I connect to the desktop, only to find that a poker game was installed, but more importantly there was a web browser open. It was a filled out form that hasn't been submitted yet. It included a mans name, address, postal code, and credit card information.
I took his phone number and do two things to it. First, I searched the phone number and find that it was attached to the exact address and name shown in that form. Second, I go ahead and call the guy and he picked up. I didn't say anything, but the only thing I heard was "hello" but it sounds like a really old man saying it (with not much voice put into it if you know what I mean).After hearing it for the second time, I say, "Hello, I received a call from this number. This is -his name- as it appears on the phone, right?" Then a white guy says, "No it's not -his name- now f-word off" and he hangs up.
I go back into the history of chrome and I find that it was used to make travels to places, and to my surprise, my gmail was checked. No wonder it got disabled!
But that is one issue solved. The next issue is that the machine is registered under my full name. Someone is most likely carding and I have no idea who it may be. Something tells me that it's my boss. I don't want to be held liable for any of this.
By the way, carding is when you steal someone's credit card and use it to make unauthorized purchases.
TL;DR: Boss gave me a virtual desktop. Gmail got compromised so I go on the desktop. Found guys phone number info and called him. Got gmail back but someone's carding under my computer name.
What should I do?
Should I contact my boss's office tomorrow to ask him about this?
Thanks a lot guys!
10 Comments • Newest first
[quote=BobR]@mujura1 If you'e not working there any more (and you can prove you haven't had physical access to the computer since the time you left), then hopefully you won't be connected to anything that's happened since you left there.[/quote]
The physical computer I used was in the office. The virtual machine that I used was made for my personal use (meaning nothing relating to work) because my old computer was bad. The sever it's hosted on is outside of the office somewhere in my city. I stopped using it because I got a new computer.
[quote=FiendOverlord]@mujura1: I would recommend r/advice, and hopefully you'll catch the attention of some techies to help you too.[/quote]
Thanks, I'll check this subreddit out.
@mujura1: I would recommend r/advice, and hopefully you'll catch the attention of some techies to help you too.
@mujura1 If you'e not working there any more (and you can prove you haven't had physical access to the computer since the time you left), then hopefully you won't be connected to anything that's happened since you left there.
[quote=FiendOverlord]You should also ask bigger forums like reddit for this stuff. This one's a bit dead. The first thing I would do is scan my comp for any malware, then get rid of that shady vmware if possible.[/quote]
Any recommendations of subreddits for this?
[quote=mujura1]This business is owned by his wife and him. He only has 1 employee so there is nobody that I can go to really.
The only evidence I can find is that there was a craigslist emailer that was downloaded on my machine.. He's a fan of pirated software and was looking to sell stuff for his side business on kijiji / craigslist..
The wierd thing is that there are 3 ways to get into my machine:
1. Hack it
2. Actually know the username and password
3. Go on / connect to the machine that has the vmware and control it from there
I also remember turning it off after I didn't want to use it anymore. He is the only one that can turn it on unless someone has access to his system.[/quote]
You should also ask bigger forums like reddit for this stuff. This one's a bit dead. The first thing I would do is scan my comp for any malware, then get rid of that shady vmware if possible.
[quote=SomeJello]If there's anyone higher than your boss go to them.
F that man this stuff is serious[/quote]
This business is owned by his wife and him. He only has 1 employee so there is nobody that I can go to really.
[quote=FiendOverlord]Confront him. But don't assume it's him until you have further evidence.[/quote]
The only evidence I can find is that there was a craigslist emailer that was downloaded on my machine.. He's a fan of pirated software and was looking to sell stuff for his side business on kijiji / craigslist..
The wierd thing is that there are 3 ways to get into my machine:
1. Hack it
2. Actually know the username and password
3. Go on / connect to the machine that has the vmware and control it from there
I also remember turning it off after I didn't want to use it anymore. He is the only one that can turn it on unless someone has access to his system.
@mujura1
hmmm, when a person is suspected of weird activity, i rather watch and record. i don't say hey! are you doing anything bad? "no."
Confront him. But don't assume it's him until you have further evidence.
[quote=Anthorix]but theres restrictions on all cards, right?
tell your bank first.
then do whatever.[/quote]
This isn't my card though, and it appeared on my personal virtual machine after two months of not using it.
but theres restrictions on all cards, right?
tell your bank first.
then do whatever.