It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Thousands of online banking customers have accounts emptied by 'most dangerous trojan virus ever cr

page: 4
40
<< 1  2  3    5  6 >>

log in

join
share:

posted on Aug, 12 2010 @ 01:56 AM
link   
reply to post by KilIuminati
 


On this one we agree...nothing is secure on the internet...best to not ever issue a credit card number online although in rare cases it must be done...protect yourself at all costs.




posted on Aug, 12 2010 @ 02:12 AM
link   
I used to work in security.

The most common password I saw was "football"

The thing with sports is so bad - If I were auditing a company in NY, I'd go ahead and put F00tball, GIANTS GOGIANTS! METS GOMETS! ect.t the top of my dict. files a to minimize the time I'd spend.

People in New York, I remember, are really, really bad about it.
Once, out of about 400 computers, about 60 were using some professional sports team related password, or football, f00tball, or baseball

And what NO one is really talking about, outside of professional circles, is how totally useless most a/v is against a good rootkit or trojan. Viruses are pretty bleh...now.

[edit on 12-8-2010 by hadriana]



posted on Aug, 12 2010 @ 02:58 AM
link   
I cannot help but wonder about the stupidity of the banks in question. Over here we use an ever changing keycard for the codes in internet banks, plus we get sms everytime some action is taken on the bank account. By acting immediately when receiving the sms the transfer can be cancelled before it even goes through (there is some one hour delay).

It is almost impossible to hack a system like this.

On top of this we are protected by law from fraudulent transactions, so even if you get hacked the bank is ultimately responsible to cover your losses, even if they are not succesfull in cancelling the transaction/getting the money back.

Every time i use paypal i am amazed at how easy it would be to hack, only one username&password stands between my money and anyone using the internet.

[edit on 8/12/2010 by above]



posted on Aug, 12 2010 @ 04:02 AM
link   
Indeed, if the bank used only username / password to identify it's users, they really DESERVED to get hacked. Attack itself doesn't sound very "sophisticated". You can't blame users here, it's all the banks fault.

It is also possible to hack systems using changing keynumbers, but that is more difficult. SMS-message after actions in account is a great idea. There could also be SMS confirmation to allow complete the transfer. That would be quite safe - for a while.



posted on Aug, 12 2010 @ 04:03 AM
link   
Luckily, my bank uses a chip and pin card reader (not connected to the computer) to allow access to my online banking account. You stick your card in the reader and it gives you a code (different every time) to enter in on top of your account number and password. This makes it impossible to access the account without my bank card AND my pin number.

Believe me, even I can't get in without the card reader, which is slightly annoying if I want to access my account from anywhere but home.

It also uses the Verified by Visa security system to transfer money out to other accounts.

BTW, if anyone has been a victim of this, would you mind letting the rest of us know what bank you're with, as THEY have decided not to inform us of this vital piece of information



posted on Aug, 12 2010 @ 04:14 AM
link   
When it comes to convenience banking, I find phone banking less risky than internet banking, but just as convenient.
I can pay bills via b-pay and get account balances.
The only thing I can't do is transfer funds to another persons account.
For this, it takes a trip to the bank.
But I rarely have the need to do that anyway, so it's once every blue moon.

For internet shopping, I opened an account with another bank that has a MasterCard debit card issued with it.
It costs me $4 a month and it never has more than $50 left in it at any one time.
It's a really small price to pay (insurance) to keep all the risk away from my main personal account.

So for those who don't want to risk it internet banking, there are other options that are just as convenient. To me it's too risky when there are other choices around.



posted on Aug, 12 2010 @ 04:33 AM
link   
Incidentally, I do currently have a nasty little bugger of a virus that AVG just can't get rid of. It's infected my internet access and I believe my firewall, blocking internet security updates and preventing me from downloading any other security software. Anyone got any bright ideas, or should I just go ahead and wipe it and start from scratch (I back everything up onto an ext-drive and it's not infected the boot sector or the ext-drive). I'm fresh out of ideas and believe me, that isn't a small list of ideas to have.



posted on Aug, 12 2010 @ 04:39 AM
link   

Originally posted by nik1halo
Incidentally, I do currently have a nasty little bugger of a virus that AVG just can't get rid of. It's infected my internet access and I believe my firewall, blocking internet security updates and preventing me from downloading any other security software. Anyone got any bright ideas, or should I just go ahead and wipe it and start from scratch (I back everything up onto an ext-drive and it's not infected the boot sector or the ext-drive). I'm fresh out of ideas and believe me, that isn't a small list of ideas to have.


Download malwarebytes onto a usb from another computer and rename it, try running it in safe mode on infected PC? You probably would've tried this or something similar though..

I don't believe this article at all, for me it's fear-mongering and I think this is a pawn in the board we'll be ignoring until it takes our queen.

[edit on 12-8-2010 by Xadaz]



posted on Aug, 12 2010 @ 04:52 AM
link   
there's no place like 127.0.0.1

www.mvps.org...

not the cure, but it sure helps.



posted on Aug, 12 2010 @ 05:27 AM
link   
reply to post by Xadaz
 


I've tried something similar, but not malwarebytes in particular. I'll give it a go, nothing else to lose.

Cheers


ETA: Funny thing is, I rarely ever had a problem with Win XP, never had to format the drive in over 5 years. Bought a new PC with Win7 2 months ago and it's already screwed. If only my TV card worked with Ubuntu.

[edit on 12-8-2010 by nik1halo]



posted on Aug, 12 2010 @ 05:30 AM
link   
I've been a victim of something like this a few years back, the way it worked was to make changes in my hosts file so that everytime I visited www.mybank.com it would redirect me to an exact copy of my banks account login page, that then asked me to enter my username and password etc

The clever thing was that after you had entered the info it redirected again back to the banks page and you could use the online account as normal.

The bank had some kind of security in that it asked for random letters from your password i.e. 1st 3rd and 7th letter, so you didn't type the whole password at once ever, so the redirect had to work multiple times in order to steal the whole thing.

I managed to realize what was happening before anything went missing from my account, but it could have been bad.

Don't use online banking anymore because of this, I'm just too paranoid about it


quote]Originally posted by nik1halo
Luckily, my bank uses a chip and pin card reader (not connected to the computer) to allow access to my online banking account. You stick your card in the reader and it gives you a code (different every time) to enter in on top of your account number and password. This makes it impossible to access the account without my bank card AND my pin number.

MY bank was going to do this, and got as far as sending the card readers out, but they never implemented it.



posted on Aug, 12 2010 @ 05:59 AM
link   
reply to post by TrueAmerican
 


Where did the money go?

If the money didn't go anywhere and the data was just wipe, the online banking system should be sued by all those who is effected and they should all get compensation money regardless of how much they had in their bank account in the first place.

This is the fault of the banks, not the people.

I bet the banks are gonna blame the people and ask the people to pay money to other companies who are connected to banks for security.

Are people aware of how ripoff the banks are, and how unjust the contracts are?

I mean common? They pay you around 2 - 10 % a year for giving them your money and they charge you 10 - 25 % per month for borrowing their money to you.

Do you get the unjust system they are forcing you through?

[edit on 12-8-2010 by oozyism]



posted on Aug, 12 2010 @ 06:10 AM
link   

Originally posted by KilIuminati
reply to post by TrueAmerican
 


if i wanted to access ur bank account i could do it easily by just having ur email.


No you couldn't. What a load of crock. You honestly think that with just my e-mail address (which one too, I have three...) you can get into my bank account? Shows you don't have a clue what you're on about, because my online banking has nothing to connect one of my addy's to it.

Besides, I've been online banking since 1999 and have never had anything taken out my account I was not aware of, because I'm not a pleb and take the necessary precautions.



posted on Aug, 12 2010 @ 06:14 AM
link   

The fraudsters used a malicious computer programme that hides on home computers to steal confidential passwords and account details from at least 3,000 people.


If I try to transfer money to someone who isn't already on my internet banking, the bank will send a SMS to my phone with a code I have to use to add the new person. Haven't told them my new number, so I can't even transfer money to a new account even if I want to at the moment.

Maybe this bank should adopt this security measure?



posted on Aug, 12 2010 @ 06:29 AM
link   
What i don't understand....

Why on earth use an online bank that doesn't use some physical form of protection other then a login password to get to your account?

I know for example that here in the Netherlands, all banks have online options, and if you use it you will get a device that you have to use in combination with your bank card. It will give you another code that you have to use in order to be able to make transactions.

So the login and transactions are separated by a different verification. In my case, i get a sms on my mobile with the code for the transaction (different bank)

Even Blizzard (World of Warcraft) and Pokerstars use such a system to prevent abuse/hacking accounts. THIS IS A BANK FFS!!!



posted on Aug, 12 2010 @ 06:38 AM
link   
Don't do banking online. And if you want to spend money online then get a prepaid debit card with overdraft protection.



posted on Aug, 12 2010 @ 06:48 AM
link   
OK...Anyone of you really believes that UK bank doesn't use any other measure but simple user/pwd scheme??? And what about tunnels and sessions and digital certificates and encryption and chip or key cards...What bank was that? The First Monopoly Bank of England??? This is just ridiculous and totally unbelievable! And money is transferred and gone "without a trace"??? ROFLMAO!!! So, it's the only bank that doesn't keep logs of their financial transactions????
And I bet all this was "scientifically" proved! I could believe in this "hacker" crap ONLY if the "Bank" fully and completely refunds ALL the accounts! If they deduct even a penny, I don't buy it!
I bet they'll find some new "more secure and unbreakable" system next...like chipping people with RFID, for their own financial "security"...Just like NSA "helped" Microsoft make Windows 7....
Can you say "E.T Phones Home"?



posted on Aug, 12 2010 @ 06:56 AM
link   
If you go into add ons in Firefox you can install a program called "noscript" . With this you can stop all third party web sites. It makes the whole internet experience a pleasure as you don't end up having to wade through annoying pop ups and pages tend to load faster also.
Takes a little getting used to, more so to people with less net experience but well worth it.



posted on Aug, 12 2010 @ 07:18 AM
link   
If you want to get around keylogging software when entering passwords online, there is an additional step you can take.

Get a portable password entry software package. It has a master password that should be at least 64 bit or 128 bit strong to be severly unbreakable. Next, fire up the software from your jumpdrive and go to, say, your bank website from a non-standard computer (not your home computer). Plug in your login and password and it will enter into this software. Now, you do not have to type it in, thereby no more keylogging or caching attacks when it comes to that. As well, you dont have to type in the web address either, since that is associated with the software now and it is just a single click to get to the login.

I use a software package and it is the only thing on one particular jumpdrive that I have (of the 4 that I have), and I dont have to actually type in passwords and logins anymore.
I even use it for things as simple as logging into ATS, mostly for the convenience.

Add to that, make sure that you include the jumpdrive in your routine scans (virus, malware, spyware, adware), just to insure its constant safety.
DO NOT leave it plugged in to your computer when not in use.
DO NOT leave it laying around, ever.
DO NOT let anyone ever use it.
DO NOT use it for anything else, to avoid corruption.

You can also use a jump drive to log into Windows 7, eliminating the worry of keylogging that as well (mostly a good work practice).

Jump (thumb/flash) drives are insanely cheap and easy to use as a security measure for both logins and secure data storage.

I wont name the software that I use here, but will U2U anyone interested.



posted on Aug, 12 2010 @ 08:09 AM
link   
reply to post by nh_ee
 

you're completely right: to make super public-known enemy is nice way to mud water for good fishing.




top topics



 
40
<< 1  2  3    5  6 >>

log in

join