Victim of Internet Bank Theft

You are welcome, please heed Blues advice on setting aside the PC!

This information must be given to the police but it may be too late.

Good!

This is a fundamental flaw in security practice by the bank. Only you should know the psw's and pin numbers ! This is most likely how your account was hit!

Good.

Don't rest until you have the matter resolved as far as you can.

I'm 99% sure that this happened NOT due to a security error on your part, it is linked to the open password practice at this credit union! You can't risk dealing with them!

Okay, think nothing of it, any of us could be in this situation.

 

All which follows is IMHO only, and may be wrong! But something is wrong or the crime would not have been possible.

There may be a link to this theft, between your work site / pc's or people and the credit union security flaw. If you used the work PC for banking even if to look at the balance only and using the work network/ Lan , someone may have picked up you sign in your bank password ! They then set up the new accounts and somehow transferred money to them and stole the cash! How they must have had your id! Did you do that sharing the work PC? Who has access to your work lan and the activity you do there? Is there a security supervisor at work for psw's etc?

On the xmas fund not available on line, that is where I think someone had knowledge of those accounts as well, from your work location and posing as you moved the money! There may be more than 1 person involved here. Make sure the police move on this one, as someone else will get stung as well!

Huge privacy and lack of security issues at your work and this credit union.

 

I dont have answers to all my questions at the moment either Escalader and I apprecitae any help from pc savvy people such as yourelf who can look at this from a different point of view as well.

so details are as follows.

Online banking account was linked to our account with the Credit Union we log in using our account number and a password. Once logged in we can see the balance of our savings accounts and the sub accounts we use to organise our finaces we also see the balance in our Christmas Club and the balance of our Credit Card as well as the outsanding balance of our Mortgaqge and Pesonel Loan. Once logged in to this area we are able to transfer money between our own accounts pay bills by BPay pay extra payments to ur loans or credit card easily transfer money to other credit unuion accounts ( usually our kids lol) and transfer money to any other bank accouts if we wanted to. We were not able to transfer money OUT of our Christmas Club account to say our savings.... but I thkn we might have been able to put extra money in if we wanted. The deposits to our christmas club happened automaticaly from salary.

online Password to this account was orginally generated by us when online banking was set up I cant remember how changes to password were made and I cant log in anymore to check if we were able to do that. I may have given the wrong information about changing password so I will check that tomorrow.

The thieves made three transfers from our account to two different banks in Australia in the names of two different Indian people. I have googeld these names to see if they were linked to any known scams and they are Indian movie star names so seems a bit of a joke. Here in Australia you must have 100 points of ID to open bank accounts so these people have to be real and have to have the ID but I guess that could be fake too!

Apparently in this type of crime they are just Mules who get to keep a percentage of the money for opening the accounts and passing on the money!

What i dont understand is we reported the theft the same day of the last two tranactions as soon as we discoverd all the money was gone only a very short time after they happened but the transactions couldnt be stopped
or frozen or anything I want to know why this is the case Which is one question I will be asking tomorrow when I talk to the Credit Union

I work at a local Primary School and our network comes via a file server controlled by the Department of Education a government body here in Australia. It is a filtered network and has THE highest security levels and blocks many websites I would think it would be very difficult for a hacker to get accces to my workstation and aslo it is school holidays here at the moment BUT i was at work last wednesday and I did check our bank balance on my PC But I also checked the schools bank balance as well and if someone was going to steal money that would have been by far the more profitable one to choose! I was the ony one workign at my school on that day. My husband works for a major australian corporation and they have high security too and the only other place either of us have logged in to Internet banking is our home PC That has been checked and no suspicious activity found so I just dont know!


I am hoping the lady from the Credit Union will have some answers for me tomorrow

and I will post any new information here.

The police were informed the same day the theft was discovered but we havent heard a word from them either so I intend contacting them too.

I think IMHO it is all too time consuming, too costly, and too hard for the finacial institutions to do the cyber chase and cathch these criminals. I don't think they want people to be nervous about Internet Banking so once they a happy the transactions are nothing to do with the customer it is easier to repay the money and life goes on! BUT I think that is WRONG! Its a crime liek any other robbery and if someone had hit me on the head and stolen $5000 out of my pocket it would be handled differently . I intend to persue this as best I can till somone in a position to do something takes some action.
So that other people might not have to go through what we have been through these last few days....

Wish me luck

 

I do wish you luck, but the trail goes cold real fast in www crime

 

Well the luck wishin gthing worked pretty well!

They caught the two pepole who own the bank accounts our money was transferred to

One idiot invested what he stole and the other just had it sitting in hisd bank.
They claim to be innocent and that they answered an advertisement form an email "Mike Marketing LLC" which offers people with a computer a job they can do from home they claim they thought it was a legitimate job and therefore wont be charged with anything except maybe the one who "invested' it as he clearly intened keeping it lol How stupid can you be or is it just greed that motivates these people HOW could you not think something was suss with a 'job' like that Its an old email scam resrufaced.

So the good news is we will get alll our money back and the credit union will get all the money back but hte bad news is the real criminals will get away with it and we wont really know how they got out account number and password.

Thanks to all the people here who offered advice and suggestions I really appreciated the feedback and the support.

I would still like to do something about catching these morons I jsut dont know what that is just yet.

As clever as these mongrels are there are just as clever good guys out there on the www if we could all somehow give them eery bit of informtion we can collect surley they could come up with someway of stopping this kind of crime or at least making it a dam site harder than it is to steal via cyber robbery.

Cheers

Yogi

 

Yogi:

They caught the guys who received stolen goods. The id thieves are still at large and living at your place of work or the credit union with the non secure psw procedures.

Change your bank and no more on line banking from work/or locations outside your home.

You now need to spend considerable effort to prevent your self from being hit again.

Do you want to work on that?

 

Yes I realise that they only caught the ones who 'handled stolen goods'
but with the information they have passed on perhaps a small step can be taken towards catching the id theives?

We dont have an internt banking account anymore.

I have notified the relevant IT people at my work and they are investigating and checking my workstation and the things they need to check.

Now that we have our money back we are going to buy a router to attach to our modem .. a suggestion from the IT guys.

All the information we have gathered I have passed on to the NOD32 support people in case they can use it.

I have told everyone I know and everyone I have come across in the last 6 days what happened and that THEY need to check their PC and Bank security if they do online banking and NOT to take it for granted.

Credit Union has fixed the Christmas Club problem and currently working on their password security ... a new system will be in place in the very near future.

Not sure what else I should do?

 

Well, IMHO quite a lot, but some of my ideas you may not be willing to carry out.

1) Password Management and Control. I use a tool called RoboForm, it is free for limited use. It allows you to generate maximum strength psw's that you would never remember your self or even be willing to key in. You can store these off your PC on a DVD or USB stick so that if your PC was penetrated again their are no personal passwords to steal!

2) You mention NOD 32, good, but what are you using for a Software Firewall (SWFW)? The Windows xp one is a one way incoming screen only. The router is a good idea for you but again it is shrouding your PC on incoming threats only. You need a strong 2 way software firewall. They can be gotten free of charge.

3) You need to save all your user data files etc on dvd's or an external hard drive and then reinstall your XP system ( I'm assuming XP) from scratch, reformatting your HDD to NTFS format. Then install NOD 32 and the new SWFW and the router. No data or games yet. Update, xp sp2 to latest security patches, same for NOD 32 same for SWFW.

4) Run NOD 32 on new set up.

5) Find and install an ASW software tool compatibly with NOD 32 update it and run it.

6) Run Spybot S & D fix any errors it finds and let it load it's bad sites into you Hosts file.

7) Opitimize the security settings in your browsers (FF, IE etc)


I can go on but are you willing to do any of these things? The consequences of not doing them you already know!

 

Yes I am willing

I dont want to reformatt until I am sure the credit union dont want or need any data that may be on our system You never know what might be important.

We have VISTA Home basic

NOD32 and Adaware Personel

I have been through the NOD32 custom set up and changed all the settings
(100 screens or so!) as suggested by their techs.

We have changed our Broadband password which is also email

I will find RoboForm

Tks

 

Yogi:

 

ok I will get aws much of these answers as I can today while at work


This is the link from the NOD32 people about the settings if you have NOS32 all ready installed yu start at step 29 ....

Please check your settings against those found in the following NOD32 Tutorial: https://www.wilderssecurity.com/showthread.php?t=37509

AFTER this run a scan by following these steps:

1. Click on the NOD32 Control Centre (Green and White split square on the bottom right hand corner of your computers screen).
2. Click on NOD32.
3. Click on Run NOD32.
4. Click on “Scan and Clean”.
5. Check the scan results.

I will get back to you tonight with more information

Cheers

Yogi

 

Oh, okay Yogi, I misunderstood, I thought the NOD 32 had you do "extras"

Most people on NOD 32 have done the tutorial thanks very much.

PS I just ran a NOD 32 scan and clean myself, found zip.

BTW there are new MS security updates to xp sp2 I just installed there may be one for you on vista. Or do you update it on automatic?

 

Omg, Im in Oz too, do you have the bank of bendigo? you get a little key thing and it generates a new log in each time you log in?... I hate internet banking would make my life easier but im not ready to trust it yet . to me its just to open to log into and away you go pass ! glad u got ur money back wonder if the smaller credit union security is as good as the big banks, but then again bank of bendigo is CU and has that device so prob no different MD

here is that token thing
http://www.bendigobank.com.au/public/personal/e-banking_security_tokens.asp


Oh another thing you might want to think about doing is have a non internet banking account another bank for larger sums, and just keep few hundred in the internet one. If i did IB id do that, Im still using the eftpos card at the teller ye old faithfull

 

While it is good to see that this has had a relatively happy ending, there are a couple of points that have not yet been raised so far:

Financial Aggregation Sites: From details given above, it seems that the poster had multiple accounts at different institutions, which were then accessed via the credit union site. There are certainly web sites that allow you to manage multiple accounts with different banks in one go - these have to be supplied with the login details for each account and they then "scrape" information from those webpages to include in the one they show you.

While convenient, such a system significantly weakens security since all an attacker has to do is obtain one password (for the aggregation site) to access all your accounts. Since there is no way for a user to legally check how secure a site really is against intrusion, this could well result in users giving sensitive details to an insecure site. If you did not use such a site Yogi, then my apologies but your posts above did seem to suggest it.

Typosquatting: A variant on phishing, a fraudster will register a domain very similar to a real one (e.g. with a couple of letters swapped) with the intention that people making a spelling mistake will then be redirected to a fake site instead. See this MoneySavingExpert thread for an account of one such case.

Using bookmarks/favourites to access important sites will avoid such an event (unfortunately, a Linux LiveCD probably won't be able to do this unless it offers provision for storing configuration details on a USB thumb drive or something similar). Check browser history if in doubt to check which sites have been visited.

While this is all well after the fact, these points may serve to help others in keeping their finances safe online.

 

i haven't really read the whole thread. i'm glad things worked out fairly well

i just wanted to mention puppy linux lets you store your session on the livecd it's run on as long as you burn it to a read/write cd i think, i haven't done it. it's a small linux distro compared to others and really good too. for other linux livecds the thing you need to search for is called 'livecd persistent storage' or 'livecd persistent mode' or livecd persistent usb, stuff like that

i found these when i just searched -
https://help.ubuntu.com/community/LiveCDPersistence
http://www.pendrivelinux.com/2006/0...-and-usb-flash-drive-persistent-image-how-to/

here's the puppy linux forum, you can find out how to save the livecd settings there -
http://murga-linux.com/puppy/index.php

one more thing, you can burn a linux livecd with this program once you've downloaded the *.iso for it -
http://www.snapfiles.com/get/burncdcc.html

 

Regarding Financial Aggregation Sites: Use of them is just plain lazy. People want to take shortcuts all of the time. The people who followed the Donner Trail also wanted to take a shortcut and see what happened to them?

Typosquatting: I read an article about a guy who used this technique to redirect traffic to his server and then get a "paid referral" when he sends the "typo client user" to another server that can handle the original request. He signed up for a ton of typo named domain websites and got millions in referral fees. He sometimes get nasty emails from other competitors because he was able to grab the domain names before them. I guess I am in wrong business?

 

hey guys,

I am a premier account holder of Barclays Bank in UK. Yesterday I received my Bank Statement which shows a transaction which I never did. I contacted Bank and they said dat an amount of 2000 Pound has be transffered to someone. My passwords are same, my pc is upto date, i have running up to date Anti Virus, Spyware etc. Only 1 transaction has happened, I have reported de matter to bank.

I would like to know what are de chances dat I would get my money back ? Is dere any way to trace de person who did this ? How far will bank help me in this matter ?

your response in dis regard will be appreciated.
maher

 

@libramaher12345 start your own topic.

Don't hijack this one.

 

i dont knwo howto start new forum, im a new person in this , plzz help me in giving me details of my problem

 

I would recommend that you contact the bank security department immediately about the unauthorized access to your account. If they don't credit you back the disputed transaction amount, then close the account. Most banks have a dispute policy on how they handle disputed transactions. Read up on the documentation for your account. I got a bogus transaction back in July on my CC account. My bank immediately credited my account with the disputed amount. Also, the company that posted the transaction also gave me a refund. So I got free money on a fraudulent transaction!!

 

i have reported de fraud, and today i have received a formal document to be submitted to barclays to authorize them for the investigation. I have also checked the bank whether they will refund me the amount or not. They have not confrmed me that they will refund me the money or not, pretty surprizing. I have closed my internet banking account and have instructed my bank to keep an eye on my account and do not make any transaction without contacting me.

i dont know how this happened, i have never used internet banking from any where else (i use it from my home). Can u guys please help me that wat are de chances dat they will find the person who did thsi fraud. I was assured that they are contacting Interpool and custom authorities.

regards
maher

 

I don't have any bank accounts overseas so don't know the policies of UK banks. Some banks may be hesitant in crediting you the disputed amount because they may feel that you made an honest mistake and/or require more time to investigate the matter. In the US, most banks will provide you a copy of the disputed transaction if you request it. If they find that the transaction was indeed valid or it cannot be proven that it was unauthorized, they would then reverse the credit to the account. Again, each bank has its own policy regarding disputed transactions. Maybe some of the UK forum members have some opinions regarding your situation.

Good luck.

 

Hi All

In this thread someone mentioned that using a linux Live CD was a good way to conduct internet banking.

I use Windows XP and Firefox with Comodo3 Sandboxie and Threatfire Avast and SnoopFree.

Questions

1) Why is using a linux Live CD a good thing when doing online banking?

2) Can linux Live CD be used with Windows?

3) How do you use it?

4) Which linux version and where do I get it?

Thank you very much

Terry

 

In theory, not only a linux system cd is safe. Basically applies to almost every system where you can verify it is clean. The advantage of using boot cd is that you know it's always the same OS and is not infected (because you cannot write to closed cd session and manipulate files. HOWEVER. This whole approach is obsolete when you have another machine in-between, such as a dedicated router machine. (Since you can spoof and log Network traffic there and there is the chance that this machine is infected too)

Knoppix is the thing i suggest when you want to try that.

 

A live CD is a good idea because the media is not writeable; you're always booting from a known-clean source. You literally boot from the CD.

The liveCD does not work "with" windows, it works instead of windows. But if you have a PC running windows, it'll likely run a linux live CD

Simply put it inyour CD drive and boot from CD. It will find drivers and auto configure. Do your banking, remove the CD, reboot back to windows.

I've seen and used Knoppix.. Its a good starting point.