Online bank account hacked :(
#1
Online bank account hacked :(
Thought we were pretty safe as I have Windows Firewall, McAfee Personal Firewall, Norton antivirus, and all various settings set to high/tight/b well ask me and we do regular scans including AOL's spy zapper too. Still, £600 was taken from missus online bank account yesterday. Luckilly the bank were on it and called us up to let us know something was a bit odd...
Seems to have happened due to a phishing e-mail to the missus requesting personal details 'to update their records'. She clicked the link, but twigged it and didnt send them anything. A 'keyboard presses watching' cookie was prob loaded however and captured her password etc when she later logged on to the account. A later scan using the bank's software caught the trojan and it is now deleted.
Dont really know what do do with it all or how many people get caught by this, as although I'd warned her of such scams before, it still half fooled her...
Be wary!
D
Seems to have happened due to a phishing e-mail to the missus requesting personal details 'to update their records'. She clicked the link, but twigged it and didnt send them anything. A 'keyboard presses watching' cookie was prob loaded however and captured her password etc when she later logged on to the account. A later scan using the bank's software caught the trojan and it is now deleted.
Dont really know what do do with it all or how many people get caught by this, as although I'd warned her of such scams before, it still half fooled her...
Be wary!
D
#2
Scooby Regular
Join Date: Oct 2003
Location: Tellins, Home of Super Leagues finest, and where a "split" is not all it seems.
Posts: 5,504
Likes: 0
Received 0 Likes
on
0 Posts
Blimey! I'm glad the bank are helping...
Its the reason why I wont use online banking, Im not savvy enough with the interweb to be able to save myself from situations like this. Its all a bit to clever and techy for me.
So every Saturday I go into my branch and talk to the banking totty about making deposits in their safe places
Its the reason why I wont use online banking, Im not savvy enough with the interweb to be able to save myself from situations like this. Its all a bit to clever and techy for me.
So every Saturday I go into my branch and talk to the banking totty about making deposits in their safe places
#3
Scooby Regular
Join Date: Sep 2003
Location: No longer Japan !
Posts: 1,742
Likes: 0
Received 0 Likes
on
0 Posts
Originally Posted by Diesel
Thought we were pretty safe as I have Windows Firewall, McAfee Personal Firewall, Norton antivirus, and all various settings set to high/tight/b well ask me and we do regular scans including AOL's spy zapper too. Still, £600 was taken from missus online bank account yesterday. Luckilly the bank were on it and called us up to let us know something was a bit odd...
Seems to have happened due to a phishing e-mail to the missus requesting personal details 'to update their records'. She clicked the link, but twigged it and didnt send them anything. A 'keyboard presses watching' cookie was prob loaded however and captured her password etc when she later logged on to the account. A later scan using the bank's software caught the trojan and it is now deleted.
Dont really know what do do with it all or how many people get caught by this, as although I'd warned her of such scams before, it still half fooled her...
Be wary!
D
Seems to have happened due to a phishing e-mail to the missus requesting personal details 'to update their records'. She clicked the link, but twigged it and didnt send them anything. A 'keyboard presses watching' cookie was prob loaded however and captured her password etc when she later logged on to the account. A later scan using the bank's software caught the trojan and it is now deleted.
Dont really know what do do with it all or how many people get caught by this, as although I'd warned her of such scams before, it still half fooled her...
Be wary!
D
Also I think all financial websites should change their logon policy so that you only enter say 3 random characters from your password. That would prevent keyloggers getting direct access to your passwords and more chance of finding malware before they do real damage.
#5
How do they take money out of your online banking account though?
On lloyds you can only transfer money between the accounts you have opened with them! I was not aware that you can transfer money elsewhere?
On lloyds you can only transfer money between the accounts you have opened with them! I was not aware that you can transfer money elsewhere?
#6
Scooby Regular
Join Date: Dec 2001
Location: Arborfield, Berkshire
Posts: 12,387
Likes: 0
Received 0 Likes
on
0 Posts
Originally Posted by Mitchy260
How do they take money out of your online banking account though?
On lloyds you can only transfer money between the accounts you have opened with them! I was not aware that you can transfer money elsewhere?
On lloyds you can only transfer money between the accounts you have opened with them! I was not aware that you can transfer money elsewhere?
Simon
#7
Owner of SNet
iTrader: (7)
Join Date: Oct 2003
Location: Berkshire
Posts: 11,513
Likes: 0
Received 0 Likes
on
0 Posts
Originally Posted by Brit_in_Japan
... 3 random characters from your password. That would prevent keyloggers getting direct access to your passwords and more chance of finding malware before they do real damage.
TX.
Trending Topics
#8
Originally Posted by P1Fanatic
Eh you being serious? BACS payment to any other account you want to as long as the details match.
Simon
Simon
Although on lloyds tsb, you need to enter 3 random digits from your password
#9
Originally Posted by Brit_in_Japan
Also I think all financial websites should change their logon policy so that you only enter say 3 random characters from your password. That would prevent keyloggers getting direct access to your passwords and more chance of finding malware before they do real damage.
D
#10
Scooby Regular
Join Date: Jun 2004
Location: Bedfordshire
Posts: 528
Likes: 0
Received 0 Likes
on
0 Posts
Originally Posted by Brit_in_Japan
Phishing was the weakness, not the security features of your PC. As users we just have to be increasingly sceptical of any email we receive which requests our personal information or which uses a link to direct us to somewhere to enter personal information. Websites can be spoofed, so it's better to not follow any link and search for the proper website directly.
Also I think all financial websites should change their logon policy so that you only enter say 3 random characters from your password. That would prevent keyloggers getting direct access to your passwords and more chance of finding malware before they do real damage.
Also I think all financial websites should change their logon policy so that you only enter say 3 random characters from your password. That would prevent keyloggers getting direct access to your passwords and more chance of finding malware before they do real damage.
I think they are going to have to move to some sort of randomly generated key that is displayed on the screen that lists say 20 letters and numbers including 3 of yours. You then enter the transposed characters and the key logger, or someone just watching the screen wouldn't have a clue
e.g
Displays the following
REAL agae34cksdyhjb
KEY guywovpakf94ni
Please enter your 1st 2rd and 5th character of your password
If your password was abcdef you would enter giw.
#11
A 'keyboard presses watching' cookie
Sounds to me the machine used was not up to date with its windows update security paches. Its reminder to people that banks never, ever send you emails asking to update their records etc and to always keep your PC up to date.
Dont spose you got the name of the trojan did you? I'd be onto nortons site and looking up why it wasnt detected!
Jules
Last edited by judgejules; 05 August 2006 at 03:21 PM.
#12
Originally Posted by judgejules
Is this what the bank told you? Never heard anything so silly. A cookie is a small piece of text, by its nature, it is never executed it is only read from. Unless they dropped a malformed cookie of somesorts that overflowed a buffer somewhere, but we'd have heard about that one by now as everyone and their dog would be doing it.
Sounds to me the machine used was not up to date with its windows update security paches. Its reminder to people that banks never, ever send you emails asking to update their records etc and to always keep your PC up to date.
Dont spose you got the name of the trojan did you? I'd be onto nortons site and looking up why it wasnt detected!
Jules
Sounds to me the machine used was not up to date with its windows update security paches. Its reminder to people that banks never, ever send you emails asking to update their records etc and to always keep your PC up to date.
Dont spose you got the name of the trojan did you? I'd be onto nortons site and looking up why it wasnt detected!
Jules
#13
Originally Posted by Diesel
Thought we were pretty safe as I have Windows Firewall, McAfee Personal Firewall, Norton antivirus, and all various settings set to high/tight/b well ask me and we do regular scans including AOL's spy zapper too.
D
D
Whatever it was that ran wasn't a virus, so Norton wouldn't see it, and the firewall(s) wouldn't help because you have already ok'd the browser connection to the Web. It also seems unlikely that it captured the password, since that's exactly why they use the method of asking for certain characters. It may be that they managed to drop some code on your machine so that when the browser connects to the bank it really connects to the bad guy server, it then loads the real bank pages through the bad guy server (so that it was really her connecting to the real bank, with the right credentials, but via the suspect system). Then they could wait until the login was done and add the transfer of 600 squid to the transaction.
If you haven't already got them I'd suggest two particular anti-spyware programs, SpyBot Search & Destroy and AdAware. I'd also suggest not using Internet Explorer. And always watch out for whether the padlock symbol is showing when you connect for financial stuff.
#14
Scooby Regular
Join Date: Dec 2005
Location: In my house
Posts: 1,664
Likes: 0
Received 0 Likes
on
0 Posts
Ive been getting these "spoof" emails off ebay and pay pal all fake asking to confirm my bank details and alsorts but considering i havent got a ebay account or a pay pal account i know its bollocks so any emails of that type should be reported to ebay and they usually sort it out within 24 hours saying either yes its off them or no its not
just dont click any of the links on the email they send
just dont click any of the links on the email they send
#15
Scooby Regular
Join Date: Feb 2003
Location: Zed Ess Won Hay Tee
Posts: 21,611
Likes: 0
Received 0 Likes
on
0 Posts
i tried to buy something from eBay last week and when it came to paying by paypal it kept asking me to add a credit card to my account.
i was confused by this as there is a card on file, i kept retracing my steps over and over again, looking for anything which would suggest this was not a real paypal site, after 10/15 mins there was nothing i could find that would inform me this was a hoax, but have spent hundreds with paypal, this confused me......
twice i nearly added a card to my account, and kept stopping and rechecking everything, something did not add up, then i relised i had somehow added the wrong email address to my login (new works pc install) i had set this account up to sell with around 2 years back but never actually used it, and i had randomly used the same reversed "1st pets name with 4 digit code" as the password
i was confused by this as there is a card on file, i kept retracing my steps over and over again, looking for anything which would suggest this was not a real paypal site, after 10/15 mins there was nothing i could find that would inform me this was a hoax, but have spent hundreds with paypal, this confused me......
twice i nearly added a card to my account, and kept stopping and rechecking everything, something did not add up, then i relised i had somehow added the wrong email address to my login (new works pc install) i had set this account up to sell with around 2 years back but never actually used it, and i had randomly used the same reversed "1st pets name with 4 digit code" as the password
#17
Originally Posted by judgejules
Dont spose you got the name of the trojan did you? I'd be onto nortons site and looking up why it wasnt detected!
Jules
She wrote down that the bank spy scan spotted '2 malware found hacking cookie win32.trojan.exe'.
Sounds odd to me that any self respecting fraudster would call his work 'trojan'???
What the heck went on?
Whats with Norton? Surely some people have to get infected before they know what exists and can try to counter it???
She swears she didnt fill out the phishing form. Any insight very welcome!
D
#19
At this point my missus would remember what she spent the money on, after the Banks, Police, Interpol etc had been notified, she always goes for the complicated version when its usually simple.
It like the time she rang me at work to tell me another Concorde had crashed in France, onto a hotel, full of germans, uncanny, came off the phone stunned and then rang her back to ask if perchance she was watching a video.....
It like the time she rang me at work to tell me another Concorde had crashed in France, onto a hotel, full of germans, uncanny, came off the phone stunned and then rang her back to ask if perchance she was watching a video.....
Thread
Thread Starter
Forum
Replies
Last Post
alcazar
Non Scooby Related
5
18 September 2015 11:49 PM