Victim of Internet Bank Theft

Discussion in 'privacy problems' started by Yogi, Oct 4, 2007.

Thread Status:
Not open for further replies.
  1. Yogi

    Yogi Registered Member

    Joined:
    Oct 4, 2007
    Posts:
    13
    Hi
    Well today we became victims of Internet Banking theft
    three unauthorised transfers ( 1 yesterday and 2 this morning our life savings now GONE - they even got our christmas club which We cant even have until December 1!) two bank accounts n the name of people we have never heard of!

    I would like some advice as to what I should do re security? we have NOD 32 and have never been to an internet cafe for internet banking always been at home (or work) Me at the Departmnent of Education and Hubby BHP whose security is pretty exceptional. Any idea how our A/C and password could have been obtained? Could somethng still be gathering information from our PC undetected?

    What other detiails could they be interested in?

    Should I format our hard drive?

    Desperate, Devasted and worried

    thanks
    any advice wuld be greatly appreciated
     
  2. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    Hello,

    Do you use online banking at all? And, if so, which computers do you/have you used it from?

    Assuming that the answer is "Yes, I have used Online Banking" - then each computer you have used should be considered as suspect.

    Change your banking password (over the phone). Do not use those computers again for banking. If a large amount of money was stolen, contact the authorities - depending on where you are located, they may want to take a look. Don't do anything to the PC until you have spoken with them - you may delete evidence.

    If you are located in the US, it may be possible to put an alert on your credit files with the various credit companies (I read recently about credit freeze - that is also useful). Do so if you can.

    If you use the same password for other accounts - change them too, again, by phone.

    Online is not the only way that your password could have been compromised.

    You should also contact your bank - I assume you have - most of em offer a guarantee - time to see if it's worth the paper it's written on.


    Mike
     
  3. Yogi

    Yogi Registered Member

    Joined:
    Oct 4, 2007
    Posts:
    13
    Hi Mike

    Yep was from online banking we contacted credit union as soon as we discovered something was wrong. We are is Australia. Onlline banking has been closed they cleaned us out just over $5k we will find out tomorrow if credit union will replace the money so bit of a sleepelss night tonight. Do you knowhow this can happen? we have NOD32 never used internet cafe and 99% of online banking is done from home. They even took all the money from our christms club account which is a account even we cant access until December 1st.

    Do you have any suggestions for extra protection we have VISTA home Basic OS

    Thank you for your reply
     
  4. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    I'm in Aus too (Sydney).

    The good news is that usually Aussie banks will help you out - although you might have to fight for it. For them, it's a cost/benefit thing --- the $5k to the bank is worth a lot less to them than people either not using internet banking, or even worse the current affairs shows doing yet another "banking is dangerous" show.

    You mentioned that the work computer is used as well? What OS is that running? Has anyone had a look at the systems to see if there is anything nasty on there?

    And, I hate to ask (I feel evil for just doing so)... but you didnt do something silly like "confirm your details" to the bank in response to an email, did you?
     
  5. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    Sorry, I just realised I did not answer this part. I'm not in a position where I can make product recommendations, unfortunately.

    However, if it does transpire that your PC has been compromised I'd definitely do a rebuild on it. I'd also be concerned about the work PC.


    Mike
     
  6. Dark Star 72

    Dark Star 72 Registered Member

    Joined:
    May 27, 2007
    Posts:
    703
  7. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    Are you sure they didn't access you via your ATM card? Did you use an ATM machine just prior to the theft?
     
  8. Yogi

    Yogi Registered Member

    Joined:
    Oct 4, 2007
    Posts:
    13
    Hi Mike

    No nothing silly very aware of phishing and 'evil' emails they are deleted upopened. I work for the Department of Education at a local primary school and on school holidays at the moment although I was there for couple of hours yesterday and did log in to check bank balance hmmmmmm

    DOE has pretty tough security though before it even gets to school. Hubby works for BHP they also have security to the hilt so more likely ot have happed via home PC.

    So you think a rebuild is necessary?

    Have a very nice man from NOD32 help looking at some scan log files and lookatmypc log files and runscanner log files.

    He assures me NOD32 wuld have detected a key stroke thing so who knows how it happened!

    Big concern for Credit Union is how they got our christmas club money that is locked even to us until December 1st. They are looking at their proceses seems they have restrictions in place for not being able to transfer internally but nothing for external transfer or something like that.

    Is it possible it was the Credit Unions system that has been hacked and not our PC? Or was it more likely ours?

    Thanks for the replies if nothing else makes me feel like someone cares lol if it can happen to us can happen to anyone I pride (well till today) myself in being on eof the careful and very suspicious ones and they 'mongrels' still got us. Names of the bank account holders that ripped us off are so obcure you wonser how they got accounts with the 100 point system. Sheesh what a day.

    Thanks for listenig
    Cheers
    Yogi
     
  9. Yogi

    Yogi Registered Member

    Joined:
    Oct 4, 2007
    Posts:
    13
    Nah was online ....Credit Union have details of the online transfers from our account to dodgy accounts we have no connection with.
     
  10. Yogi

    Yogi Registered Member

    Joined:
    Oct 4, 2007
    Posts:
    13
    Thats OK I noticed the connection to Online Armor The NOD32 guy suggested getting your software for extra protection but we have VISTA and he said you are not quite VISTA ready! I will keep checking to see when you are. Sounds like a good buy to me. Wish I had it a few days ago. :)
     
  11. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    This is the key point, as you do not have access to this account, so how did they?

    Cheers :D
     
  12. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    This is mainly for Blackspear as he would be the expert in this category- does NOD32 detect commercial keyloggers? I assume NOD32 cannot detect hardware keyloggers. Maybe that could be the reason for the private info being taken?

    Yogi- have you had your computer serviced lately? Like where you had to take it to a computer store for maintenance?
     
  13. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    No antivirus/antimalware can detect hardware keyloggers. I don't think that hardware keyloggers are the culprits here.
     
  14. Yogi

    Yogi Registered Member

    Joined:
    Oct 4, 2007
    Posts:
    13
    Hi Acr
    No this is a reasonably new PC purchased only in May this year. So hasnt been anywhere - it is really hard to get information anywhere about how this has happened Honestly I am really careful and very suspicious so if this can happen to us it can happen to anyone It is devastating to a family all of a sudden we have $16 to our name All plans for last two days and weekend are not happening which I know seems nothing to the Banks and the police and the scum who do this kind of thing but the impact on our family is horrendous!
     
  15. Yogi

    Yogi Registered Member

    Joined:
    Oct 4, 2007
    Posts:
    13
    That is being investigated by the Credit Unoin ... I wonder if we will ever know.

    Just got some good news they are giving us back half the money today and the rest we will get when the red tape investigation steps are completed. Still leaves a bad taste as seems like some mongrels will get to keep our money!
     
  16. R_D

    R_D Registered Member

    Joined:
    Jul 3, 2003
    Posts:
    3
    Location:
    USA
    Hi Mike , just a thought and maybe this is already the case that their already involved in your dilemma .
    The Federal Trade Commission ( FTC )should be notified , and I also think they may send you a helpful Guide !
    The Culprits don't necessarily need be any foreigner , they may and could be from the U.S. here !
    I hope all the info You have been given will help you greatly !
    Anyway please check this site for sure - About.com ,
    entering in the search pane FTC alone by itself - and also Identity Theft and also list by itself in Search !
    Hope this also helps You Mike !!!

    R_D
     
  17. TJP

    TJP Registered Member

    Joined:
    May 6, 2006
    Posts:
    120
    Great to read that you got your money returned.
     
  18. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    Since the money was transferred to another account, there is at least an audit trail to track the path of how the transfer was executed. Trying to determine if your PC or the bank's system was hacked will be the next step to investigate. If it can be proven that you did not initiate the transfer, most financial institutions will reimburse you for the lost funds. The negative publicity of having someone reporting losing money online would not be something that any financial institution would sweep under the carpet.
     
  19. FastGame

    FastGame Registered Member

    Joined:
    Jan 15, 2005
    Posts:
    677
    Location:
    Blasters worm farm
    The best way to do online banking, stock trading, shopping is to use a Linux Live CD. Doesn't get any safer than that (on your end).

    In Windows use the virtual keyboard and pray.
     
  20. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    Yogi:

    You have my sympathy. But that will not help you.

    I may repeat what others have said but I want to be a complete as possible in this reply.

    1) This is a crime! a theft... YOU must report it to the police ASAP fill in a formal complaint they no doubt will have officers dedicated to fraud.

    2) The immediate steps are close all accounts, change account numbers and the passwords, make them strong psw's, stay off the computer for now.

    3) Change banks asap, redirect all your income to new bank

    4) The fact that they got the Xmas $ makes me think this was an inside job, but that is up to the investigators. Schools are not known to be the most secure environments to work in.

    NOD 32 will not help you directly while on line banking, the strength of your banks site in in doubt, did they use a Https site? What is there psw set up and change function like is it on line or through a clerk at the bank? How many positions in the psw codes are allowed what range of characters.
    Get Free Roboform for password management asap. You can generate max strenght psw's and avoid keying them in avoiding key loggers.

    On your PC, you need to wipe out any possible Trojans asap. Run some big name on line web scanners, Bitdefender, Kav etc.

    I will think of more later, I think the bank was negilgent in their security and will replace all you $. If not wave the police report at them and go to a lawyer and the press. You will prevail!
     
  21. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I would be extremely cautious in this regard and simply refrain from either using or "cleaning" the PC until advised to do so by legal counsel or law enforcement. If the machine was involved in a crime, these steps are removing potentially useful evidence.

    Blue
     
  22. Someguy

    Someguy Registered Member

    Joined:
    Mar 23, 2004
    Posts:
    26
    Could you recommend a Linux Live CD that supports WIFI WPA2? Have some troubles finding one...
     
  23. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,518
    Location:
    USA - Back in a real State in time for a real Pres
    I suspect the work computers. And I suggest never using other (than one's own) computers for banking. Or as FastGame suggested a Linux LiveCD.
     
  24. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    Yes, absolutely my steps 1 to 2 are first, stay off this pc!

    Then, after the situation is cleared up and poster wants to resume on line banking (he may not) his security methods need upgrading first before proceeding!

    Blue is right, we tend to plunge to quick into techi actions this is a crime.

    The poster has already used some PC to post the news of this matter, maybe it is a different mc? I hope so.
     
  25. Yogi

    Yogi Registered Member

    Joined:
    Oct 4, 2007
    Posts:
    13
    Thank you Escalader for all your input

    Yes I did go to out local police station as soon as we fond out what had happened - wel lafter i rang the Credit Union :) and report everything the Credit Union gave me all the details of the bank acccounts the theives transferred out money too.

    We have closed our online banking account and also our two childrens ones as well. There is no way to change the online banking password except by phone to someone at the Creidt Union

    We have changed our ISP broadband password.

    Apparently the Credit Union has insurance to cover this kind of thing and YES we are very greatful that eventualy we will get all of our money back. It just leaves a really abd taste to think that these theives will get away with this and get to keep our money which I dont quite understand why the tanactions coudnt be frozen or stopped or something.

    It is the most awful feeling to find out all your hard earned money has dissapeared in one (well inthis case three) fould swoop!

    The NOD32 support haev be4en fantastic instruction me to perform all sorts of scans and send log files of analysis for the last four days they have given our system a clean bill of health and are absolutley sure there is nothing and has been nothing suspicios on our system. So I don tknow how this has happend BUT i will not give up till I get some answers. I dont want thisnto happen to anyone else and if by making some BIG noises I cant stop thast from happeniug I WILL!

    Again thank you for your kind words and your concern It is very nice to know people are listening

    Cheers

    Yogi
     
Thread Status:
Not open for further replies.