Credit card fraud

Hi and help

Both me and the wife have experienced credit card fraud with online sites over the last 2 months. We onlky use what we consider to be reputable sites like Marks and Spencer, Amazon and of course Eset.

We both have our own machines and both have ESS of the latest type and updated to the latest av. checks on these are run at leats once a week and nothing is ever found.

Both also have Lavasoft Adware 2007 and checks are run frequently on both machines all that are found are the usual tracking cookies ike doubleclick etc.

I need some reassurance that ESS is secure and that access to our details has occurred other that by a leaky ESS security system.

I am very worried and if I can not get the reassurance them I will uninstall and use something else even though I find ESS to be the best and most user friendly Internet Security Suite.

Mod can you say something about card security please?.

 

Hello,

ESET Smart Security contains firewall and antispam modules, which can protect you against malicious incursions as well as unwanted email, and the antimalware component handles spyware and keyloggers, but I am not sure what you are looking for with regard to a reply.

Have you been able to isolate how your credit card information was obtained? Are you certain it was done through your computer and not from some other source?

Regards,

Aryeh Goretsky

 

Poo Bear, don't expect much help from Lavasoft--it catches tracking cookies but little else...Install something stronger, if your computer can handle the CPU overload, such as Spyware Doctor 5.5, or CounterSpy 2, and also a free HIPS protecting engine, such as ThreatFire 3. If your PC is not very strong, try something light on system resources, such as SUPERAntispyware 4 or Spyware Terminator 2.

NOD 32 is a great start, but I wouldn't feel secure using its anti-spyware engine alone...combining ESET NOD32 with a few other security programs, such as CounterSpy and ThreatFire, your PC becomes a solidly-protected platform, since each one complements the others--NOD32 is predominantly an AV program, CounterSpy offers real-time anti-spyware protection, and ThreatFire is a behavior-based HIPS program that guards your PC from the execution of things that might creep somehow through the filters of the other security programs you have.

 

I do not think your credit card fraud was through your PC. I have had fraudulent transactions on a credit card which has never been used on my PC (have made hundreds of transactions with other cards and no problems with those). I also have friends who don't even own a PC who have had fraudulent transactions of their cards. I was advised by one bank that the fraudsters simply use number generators to generate card numbers and often they strike it lucky.

 

You appear to be from the UK so I'd like to suggest that your problem probably arises from your local garage or take-away.

 

Now I am really worried. I thought ESET Smart Security would cure almost 95% of any security problems. I still have Spyware Doctor (not installed). The statements by Mr. Wyrd
worry me. I would like to hear ESETs response to Mr. Wyrds
comments Please.

 

I understand Eset does not have any real antispyware capacity.

Credit card fraud on the internet is possible even with the best anti-malware protection.

 

On what do you base that statement??
I've been using Eset for a very long time and honestly I cannot remember the last time a saw malware on my machine..

 

Ok, it seems I was wrong.

 

twice in the last 3 years i have had problems, both times i was sure it was from the net utterly convinced in fact.
first time my details were stolen from using credit card at a large petrol station (with a liberian loop) 2nd time was from using the card at my local corner shop.
apart from phishing i think the net is fairly secure and quite easy to trace transactions. i feel safe i only use nod and do all my banking/ shopping bill paying etc on the net.

 

Well, I've actually had a different experience--a few months ago NOD32 apparently missed a nasty Trojan horse that Kaspersky 8.0 caught later. In addition, NOD32 also failed to disinfect another "password-grabber" that Spyware Doctor neutralized. You can have a further look at Neil Rubenking's review of ESET Smart Security for PC Magazine at:
http://www.pcmag.com/article2/0,1759,2214773,00.asp
He is saying that NOD32 detects plenty of stuff but is not so good at neutralizing that stuff. It happened to me once, as I explained above, so from now on I always complement NOD32 with additional anti-spyware software...

 

WYRD,That review was when ESS had just been released.In my opinion its a better and more stable program now.

I use Spysweeper alongside ESS 650.0.0..And i have,nt had no problems with spyware.And when my SS subscription runs out,ill be using just ESS on its own.

 

i do a scan with superantispyware and others everynow and then, never found anything other than cookies i havnt deleted, in real time i use eset smart and spyware blaster, so they seem to be keeping everything out.

 

Thank you for your comments on this Aryeh, and for what it's worth, I have not used my card anywhere other than on the PC with reputable sites, with ESS installed and the fraudulent transactions are internet based.

I think the comment from Wyrd, to tighten up with something like Counterspy is very helpful and I will do that.

Meantime I am now a shy of using my cards online.

 

Hmm wow first time in a forum from this nature Im reading that transactions aren't safe... Ive never had a problem with my Norton 360 and I do a lot of buying using credit card using my laptop. If you people are saying that isnt safe Im glad Im using the other laptop as a test for this ESET program hahaha.

 

Teraclips that is exactly what I am not saying.

I am trying to eliminate possibilities

 

Don't mean to be critical, but...

A statistical sample of one user hardly constitutes a full report. Just because you never got hit by anything while using Norton 360, or one user got hit while under ESET protection does not really mean anything to product quality.

Now, if a reputable lab tests multiple vectors against multiple products in a controlled environment, then we can judge better, and even then...

 

ESET, and any other AV/AS/IPS, can only go so far to protect you from harm. Load up with as many layers deep as you want, but that may take a 95-97% rate to a 99% rate... but never 100%.

Fundamentally, if some hacker finds some hole in a common piece of software and stays relatively silent about it, he/she can exploit multiple machines for as long as that exploit remains undiscovered and/or unreported.

Secondly, you may be fully secured at any given moment, because all discovered exploits are known and protected against, until the next hole that can bypass heuristics is found, but that does not mean that the sites at which you left your credit card number were not themselves "hacked". The fact that ESET may, right now, be protecting from all possible inbound harm does not prevent your cc number on an outside site from being harvested in ways that do not involve your PC.

Lastly, when you say: "I am now a shy of using my cards online." I cringe when people differentiate between the potential harm online vs. offline. I recently had my cc number harvested by an employee at a local Chinese buffet restaurant. I do lots of buying online and never suffered a loss that way. No fancy Internet exploits here, just good, old-fashioned "live" stealing. If anything, I should then be shy of using my cc offline, since I never have had my card stolen online.

 

I think you need to review your computing habits instead of installing all these applications to prevent a problem which in turn is going to only wreak havoc on your PC.

I have been online for years and use credit cards regularly without ever having a case of fraud, stolen identity, etc.

Let me walk you through the basic steps of using the internet:

1) Don't believe everything you hear or read. Don't click on ads. In fact, use adblock in Firefox or a blocklist for Opera. DO NOT USE INTERNET EXPLORER.

2) Don't try to download anything illegal. Limewire, Kazaa, etc, -- you're only asking for what you're going to get. These programs are designed not only to make it easy for people to prey on you, but to infect you with everything under the sun because you're too interested in downloading Song.mp3.exe. There are much more secure ways to download questionable content from the internet. If you don't know these methods exist, I can't help you. If it's illegal, just don't do it. End of story. They will infect you if you're running Windows. It's what it's all about. Stay away from the illegal downloads of all kinds and you'll find you have a usable computer for years to come.

3) Stay off of adult websites, especially "free" ones. They're great at getting you to download things to watch videos which are only infected with viruses. Just don't do it. It's not that hard.

4) Don't install antispyware programs just because they say they're good. You only really need one, which is mainly SpyBot S&D, and you don't need it running and monitoring your every move.

5) Keep Windows and ESET up to date.

6) Don't install toolbars for ANYTHING.

7) Never buy from sites you don't know or trust. Make sure they have a valid SSL certificate. Make sure the connection is secure. Be SMART.

Email attachments need to be scanned and you need to be careful of password protected archives that the antivirus can't open. Don't open them if you aren't expecting it. While you're at it, quit forwarding every email you get. This is a terrible habit.

These 8 simple rules are not that hard to follow and you'll never run into issues. I promise. The only way you're going to get credit card fraud is if the site you purchased from is compromized. This usually is done internally by an employee; they are the biggest threat, not the hackers.

You need to understand that there isn't a magical computer land of hackers and viruses and security threats watching your every move and you must cower in fear before them.

I'm going to throw a statistic out there, and it's probably pretty close. I estimate about 95% of all viruses and malware are USER INDUCED. The USER did something to get it on their machine. It just doesn't happen magically as often as you think. It's pretty rare that there's a security hole that can let a virus or worm 100% self replicate around the globe without a single action required by a user to infect their machine.

I'm tired of ranting now, so I'm going to just end this here. Computers are not scary devices. If you cannot follow these 8 simple rules then buy a Mac. Unix based operating systems don't have this issue (yet), and the design of their security is far superior anyway. If you don't want to buy a Mac then find someone -- ANYONE to install Linux or a BSD on your computer.

Really, if you can't follow these rules, it's safer and more cost effective to you and your credit rating in the long run. Just make a choice -- the rules, or a new operating system.

 

Ok now I get it. Well after using this new product Im really satisfied now I have a quick start up again, dont know what happend with this new Norton 360 it made my pc slower well this is out of the thread main theme but hahaha ESET justn need to add some feat but overall I like it.