Mean, sick, and poor is no way to go through life, son.

Never use Windows for Internet Banking

brother in law just got fleeced for 10k from his business account by someone logging in via internet using the passwords etc.  the only way anyone could have gotten that info was from a keylogger running on his business machine.
he had sp2 installed, updated everything, secure networks the lot.

Ive suggested he purchase a wee mac ibook or similar just for the purposes of internet banking....technically its prolly no more secure, but practically I dont know of anyone, ever who has had problems of that nature.

so, truism for the 2000's "Dont Use Windows For Internet Banking'.
Permalink FullNameRequired 
April 16th, 2006 12:47am
Hmmm. While US banking sites just ask for a password, British sites tend to have multi-layer security with challenge-response questions and mouse input that would guard against key loggers. I always thought that was overkill, but perhaps it is justified...
Permalink Send private email Ian Boys 
April 16th, 2006 1:25am
yeah, the banks here in NZ are looking at adding additional layers of security.
one idea being talked about here is to use text messages to cellphones as a challenge/response layer over the top.

personally I think its a great idea. 
I hope they make it optional for a while though, until there is at least one case of a similar thing occurring on a mac Id like to continue using internet banking without any additional layers.
.....if they go there though the chances are good they'll just make it mandatory, thereby punishing all computer users for the fact that windows is targeted so strongly...
Permalink FullNameRequired 
April 16th, 2006 1:30am
I generally agree. The script kiddies are terrible. They look like normal kids, but they will do terrible things if allowed. Also, with the spreadness of the Net, bad people try to do this all day long in their distant countries, feeling untouchable.

Here in Brazil, almost every month we are seeing some kind of large online fraud.

People are going to jail, but so what? There are thousands of them doing the same thing all day long.

My bank demands a 12 chars password, another 4 chars password, and they sent to me another card-sized list with code checks, like (21: 8975, 22: 1452, and so on). (And for completeness sake, for ATM machines I use another password and another check.)

I really like that they are that paranoid for online transactions.
Permalink Believe in you, I 
April 16th, 2006 2:24am
"the only way anyone could have gotten that info was from a keylogger running on his business machine."

Or the bank was hacked
Or the bank files were stolen (Citibank lost some magnetic tapes two months ago)
Or he uses the same password everywhere
Or he wrote it down and someone dumpster dived
Or someone did a dictionary attack against the bank
Or he was phished

But yeah, out of all that it's most likely someone hacked his desktop and installed a keylogger (more likely he installed some random shareware that had one)

I'm curious - if he *had* been using a Mac and this happened, would you recommend dumping the Mac?
Permalink Send private email Steel McLargeHuge 
April 16th, 2006 2:42am
Some fun graphics:

"Why Windows is less secure than Linux"
http://blogs.zdnet.com/threatchaos/?p=311
Permalink Believe in you, I 
April 16th, 2006 3:32am
"the only way anyone could have gotten that info was from a keylogger running on his business machine."

"Or the bank was hacked "

yeah, thats *much* more likely than it is that someone hacked his machine.
HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA
HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA
HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA

"Or the bank files were stolen (Citibank lost some magnetic tapes two months ago) "

uh huh.


"Or he uses the same password everywhere "

no, hes a smart, computer savvy guy.  (business is not computer related).

"Or he wrote it down and someone dumpster dived "

nope.

"Or someone did a dictionary attack against the bank "

yes.  because bank systems aren't savvy enough to notice 3 million failed attempts within a few short hours.

"Or he was phished "

nope.


"But yeah, out of all that it's most likely someone hacked his desktop and installed a keylogger"

gods yes.  are you saying you *really* believe its more likely that his bank was hacked than that someone hacked his computer?  thats pretty weak philo.

"(more likely he installed some random shareware that had one)"

nope.  neither he nor his accounts lady ever installed anything on that machine.  they couldn't if they wanted to.


"I'm curious - if he *had* been using a Mac and this happened, would you recommend dumping the Mac?"

my christ yes.  as soon as (actually, well before,) key loggers are anywhere near as commonly found on macs as they are on windows Im going to stop using them for internet banking and switch to something less common.  amiga OS maybe?  Ill find something.

its just NOT WORTH THE RISK.  seriously, whats a little convenience compared to the risk that your accounts are emptied?
Where would you buy a house?  where there are *lots* of breakin, or where there are *none*?

Currently there have been *no* cases of this happening on macs that I have heard of.  once there are a decent number (enough so I can be moderately sure its wide spread), Ill stop in a second and we'll return to phone banking or visiting the bank in person.

If/when banks do bring out a second tier of security using texting or whatever then that *might* change the equation....maybe....unless the cellphone to text can be set by logging onto the banks website of course....
Permalink FullNameRequired 
April 16th, 2006 5:26am
The most likely cause for any security breach is people.
Permalink Send private email Simon Lucy 
April 16th, 2006 7:14am
thats exactly right.

...and its why its so important to have running an operating system that doesn't have the kinds of issues that windows has to do my banking on.
Currently we can install third party shareware without risking our account balance :)

Once that is no longer true, once there are a significant number of cases of compromised macs out there we *will* stop using our macs to do our internet banking.


it would be an interesting little solution actually....a linux based operating system running on a PDA of some kind that is only *able* to run the *specific* applications and kernel code needed to allow internet banking.
So it would have to have the network stack, the html renderer and whatever supporting code is needed.

You could set it up to alert and shutdown in the case of unknown code running, it would be password only login, no ability to install any other application and a customised arrangement of the file system to stymie any of the current trojans etc.

designed simply to sit in the desk at home and to be used only for the banking....hell, you could prolly even disallow non-https browsing...

...hmmm...
Permalink FullNameRequired 
April 16th, 2006 8:36am
what the hell was I thinking, you dont need to run the stupid thing on a PDA...just provide a bootable linux cd stripped right down and you have the perfectly secure internet banking vehicle.
boot into it, logon, do your business, restart the computer and remove the cd.  no writable harddrive so nothing is recorded.  no writeable harddrive so there is no chance of anyone hacking in and installing anything during the time you are online.

perfect.

damn. I am *so* going to suggest that to my brother in law.  actually I might use it myself.  I wonder if there is a bootable linux cd for ppc mac.
Permalink FullNameRequired 
April 16th, 2006 8:45am
looks like ubuntu is the best bet for mac.
Permalink FullNameRequired 
April 16th, 2006 9:04am
http://ftp.citylink.co.nz/ubuntu-releases/5.10/


live bootable ubuntu cd (or ubuntu installer if preferred)

bang.  the perfectly secure internet banking mechanism.
Permalink FullNameRequired 
April 16th, 2006 9:09am
Assuming your banks website works with Ubuntu's browser.
Some of them still say "we only support IE"

But it is a good idea.
Permalink xampl 
April 16th, 2006 9:59am
----"are you saying you *really* believe its more likely that his bank was hacked than that someone hacked his computer?"----

Actually I would say a lot more likely that the bank computer was hacked once than thousands of individual machines were hacked, and then the crackers went through vast amounts of data until they worked out which keystrokes corresponded to the banking password.

I got a call a couple of weeks ago from the bank. Someone was using my credit card number in France. I assured the bank that I had my card with me and had not been to France since 1998 and nothing happened, but I would think it a lot more likely someone in the bank sold off a load of credit card details than that it was skimmed in one of the four or five places I had used it on holiday in Sri Lanka.

In Bradford UK, there is a pedestrian walkway full of plain clothes police trying to sting con artists who are trying to set up informants in the call centre across the road. The place is busier than the underground loo at Piccadilly Circus!
Permalink Send private email Stephen Jones 
April 16th, 2006 10:53am
FNR, please post details when you identify the keylogging software or virus. I'll be interested to hear, and I'll forward the details to our security folks.

Thanks.
Permalink Send private email Steel McLargeHuge 
April 16th, 2006 11:29am
"Actually I would say a lot more likely that the bank computer was hacked once than thousands of individual machines were hacked"

huh?  who is talking about thousands of individual machines?  AFAIK its just my brother in law.

...not that the banks advertise these things mind you...  OMG!  maybe its a conspiracy!
Permalink FullNameRequired 
April 16th, 2006 4:53pm
Well, they don't. Banks get hacked an awful lot more than they let on, and judging by what some of the people I know in the industry say, it's their own goddamned fault for having shoddy security half the time. The other half the time it's insiders.
Permalink Send private email كولم 
April 16th, 2006 4:56pm
"FNR, please post details when you identify the keylogging software or virus. I'll be interested to hear, and I'll forward the details to our security folks. "


not going to happen unfortunately.  the harddrive of this machine mysteriously broke the same day that the last of the money was withdrawn from the account.  (two payments to a separate account were made over 3 days).
Not, at that point, suspecting anything he simply had it replaced.
The next day he noticed the money missing from the account.
Permalink FullNameRequired 
April 16th, 2006 4:56pm
"Well, they don't."

ok, so you are of the opinion that its WAY more likely that the entire bank was hacked and thousands of people have had their money stolen quietly (without mentioning it to anyone) than it is that a single person had their windows computer hacked?

brilliant! 
I have a wallet in my pocket, whats your best theory on how it got there? did I place it in there this morning?  or did someone give the entire neighbourhood a dose of sleeping potion last night and thereby sneak into my house,  find the wallet, place it in the back pocket of my trousers and then sneak from house to house giving each of us a little wakeup potion?
you choose.
Permalink FullNameRequired 
April 16th, 2006 5:01pm
----"huh?  who is talking about thousands of individual machines?  AFAIK its just my brother in law."----

Ah, I hadn't realized he banked with the local barber's shop!

There are going to be tens of thousands of customers from any large bank who are having their identity stolen and money taken from their accounts.

If Windows is the problem, then you would have to postulate tens of thousands of separate hacking attempts. Much easier to postulate just a few leaks at the bank site.
Permalink Send private email Stephen Jones 
April 16th, 2006 5:03pm
>ok, so you are of the opinion that its WAY more likely that
>the entire bank was hacked and thousands of people have had
>their money stolen quietly

I wouldn't profess to know exactly how likely each scenario is, but it IS in the bank's interest to try and foist off the blame for what happened onto the consumer because they then aren't liable for the cost. Simple economics.
Permalink Send private email كولم 
April 16th, 2006 5:09pm
"There are going to be tens of thousands of customers from any large bank who are having their identity stolen and money taken from their accounts."

huh? that seems like a pretty big step.

"If Windows is the problem, then you would have to postulate tens of thousands of separate hacking attempts."

why?  AFAIK there has just been one.  presumably it was opportunistic, maybe even done by someone with local access.

The problem *isn't* windows per se.  Its the widespread availability and use of keyloggers on windows.  Keyloggers can and do exist for every modern OS, but so far they dont seem to be used much on mac os and linux.

Once use of mac keyloggers is ubiquitous I will stop doing my internet banking on macs, they wont be safe.

The ideal solution is the use of a 'known good' live linux cd that cannot possibly have had a keylogger installed on it without the criminal needing to physically replace the cd itself.

it is, for instance, perfectly possible that a criminal could break into my house while I am out and install a keylogger on my mac...I have to login on restart, so he would have to be a *smart* criminal to get around that....but I have no doubt at all that it is possible...maybe by booting off of a live linux CD :)

Currently its just not likely on mac, because the tools are not in widespread use.  therefore Im happy to take the risk.
Its not about the security, or lack of it, on windows so much as it is about the widespread availability and use of keyloggers combined with the holes that can be expected to exist in any system.
Permalink FullNameRequired 
April 16th, 2006 5:11pm
"I wouldn't profess to know exactly how likely each scenario is, but it IS in the bank's interest to try and foist off the blame for what happened onto the consumer because they then aren't liable for the cost. Simple economics."

you dont think that 10s of thousands of people in a country as small as new zealand all being forced by their bank to swallow the loss might be noticed by someone?


why do all of you seem particularly stupid today?  it must be a full moon or something.
Permalink FullNameRequired 
April 16th, 2006 5:14pm
God knows. Your perception of other people's stupidity seems to correlate more with your mood than with anything else.
Permalink Send private email كولم 
April 16th, 2006 5:19pm
"Your perception of other people's stupidity seems to correlate more with your mood than with anything else."

well, now *thats* just stupid.
Permalink FullNameRequired 
April 16th, 2006 5:43pm
Dude, I can't believe you're only 33. I had you pegged as, like, 55 or something.
Permalink Send private email كولم 
April 16th, 2006 5:48pm
moron
Permalink FullNameRequired 
April 16th, 2006 5:55pm
Seriously. How can you be THAT bitter at age 33?
Permalink Send private email كولم 
April 16th, 2006 6:03pm
because of all the people in the world who are of the type that is willing to believe that its more likely that a bank has been hacked and the records of thousands of people stolen, than it is that a single computer has been pwned.
Permalink FullNameRequired 
April 16th, 2006 6:19pm
I'm not making any claim one way or the other. I freely professed to not having the information needed to calculate the relative risk of losing critical account details from hacking banks vs. hacking PCs. All I know is that when it happens to banks it gets hushed up, and it happens far more frequently than it gets reported in the news (which is fairly frequent in itself).

You're the one claiming to know something neither of us can know.
Permalink Send private email كولم 
April 16th, 2006 6:27pm
"I'm not making any claim one way or the other."

in that case I clearly wasn't referring to you, was I?


christ. would you like some personality to go with that big bundle of self-absorbed narcissism?

"I freely professed to not having the information needed to calculate the relative risk of losing critical account details from hacking banks vs. hacking PCs."


woohoo.  the moron freely admits he has entirely no clue about the current topic of conversation.

...now, if we can just get him to stop *posting* in this situation...

"All I know is that when it happens to banks it gets hushed up, and it happens far more frequently than it gets reported in the news (which is fairly frequent in itself). "

uh huh.  how do you know that exactly?

"You're the one claiming to know something neither of us can know."

yeah.  silly me.  clearly all opinions are equal, and its just as likely that 10s of thousands of people had their money stolen from the bank and didn't say a word (because they were hushed up!) as it is that one person had his computer hacked.

god knows if my money was stolen from a bank, *Id* look kindly on their requests to please not say anything about it thanks very much, oh and by the way we're not going to refund it either, ok?  ssshhh....
Permalink FullNameRequired 
April 16th, 2006 6:33pm
>in that case I clearly wasn't referring to you, was I?

Your rhetorical question towards me above clearly indicated that you were.

>christ. would you like some personality to go with that big
>bundle of self-absorbed narcissism?

When you fucking QUOTE what I said and then respond with an acridly sarcastic rhetorical question, I think it's POSSIBLE that you're talking to me.

Then again, it could just be my big bundle of self-absorbed narcissism. Silly me.

>woohoo.  the moron freely admits he has entirely no clue
>about the current topic of conversation.

Again, wrong. I know more than you.

>uh huh.  how do you know that exactly?

A second ago I knew nothing didn't I?

Oh wait. That was just what you said, because you're a FUCKING RETARD WHO CAN'T READ.

The REASON that I know that is because:

1) I know and have met programmers who work in the banking industry.
2) I have met a security analyst who works at a major bank (my brother's best friend).
3) I read security journals and blogs.

And CRUCIALLY

4) I've heard the same thing from all of them at one time or another.

Now, maybe you can't understand how anybody could know these things because all you have to talk to is hobbits and OAPs, but that doesn't mean that the rest of the world is as socially inept as you.

>yeah.  silly me.  clearly all opinions are equal, and its
>just as likely that 10s of thousands of people had their
>money stolen from the bank and didn't say a word (because
>they were hushed up!) as it is that one person had his
>computer hacked.

It does happen all the time. It happened to somebody in this thread recently. It happened to my mother not so long ago. The bank refunded her money. That's how it gets hushed up. They've claimed before that it was her fault before now, though. Never successfully, however.

Plenty of times the bank realizes that they've been hacked, refunds the money and claims it was a "banking error". That's how 10s of thousands of people have their money stolen and don't say a word: most of the time they don't even realize.
Permalink Send private email كولم 
April 16th, 2006 6:50pm
If your brother's bank is a two-bit local operation you may be right.

The reason I suspect the bank, is that I consider it highly unlikely your brother is the only one. This article, referring to the US, has the title, "Two million accounts robbed".
http://www.msnbc.msn.com/id/5184077/
Permalink Send private email Stephen Jones 
April 16th, 2006 6:58pm
"Your rhetorical question towards me above clearly indicated that you were. "

huh?  you asked a question and I answered it.


"When you fucking QUOTE what I said and then respond with an acridly sarcastic rhetorical question, I think it's POSSIBLE that you're talking to me. "

wtf?  my post was exactly this:

"because of all the people in the world who are of the type that is willing to believe that its more likely that a bank has been hacked and the records of thousands of people stolen, than it is that a single computer has been pwned."

I dont quote you at all.  do you actually *read* my posts?  or are you just replying to the voice in your head?

"Then again, it could just be my big bundle of self-absorbed narcissism. Silly me. "

*now* we are in agreement.  I didn't quote you.  I answered your question with a generic description of a particular type of person.

"Again, wrong. I know more than you. "

*excellent*

perhaps we could talk about what you do know then, rather than what you dont?

you could start your own thread..."stuff I know about things" and just go to town on it.

Im sure it would be riveting.


"A second ago I knew nothing didn't I? "

what?  now Im confused.  do you know something about anything or not?

"Oh wait. That was just what you said, because you're a FUCKING RETARD WHO CAN'T READ. "

brilliant come back.  accusing someone posting to a text internet forum of not being able to read. priceless. 


"The REASON that I know that is because:
<snip>
And CRUCIALLY

4) I've heard the same thing from all of them at one time or another."

aha! excellent.  since you have so much knowledge you must be able to answer a few questions for me :)

(1) What is the ratio of money stolen by hacking the banks, compared to money stolen by hacking computers and key loggers?

(2) what was the amount successfully stolen from banks by phishers last year?

(3) what operating systems were the banks that were hacked running?

(4) what was the % breakdown of operating systems run by the users who were hacked?


thanks :)

"Now, maybe you can't understand how anybody could know these things because all you have to talk to is hobbits and OAPs, but that doesn't mean that the rest of the world is as socially inept as you. "

I think its great.  having someone as knowledgeable as you on this thread is going to be a real boon. 

I look forward to the answers to my questions.  just let me know if theres any you dont know the answers to.

not that I expect any problems there, with your great knowledge of the topic and numerous contacts in the industry.

"The bank refunded her money. That's how it gets hushed up."


uh huh.  because absolutely everyone, all the time, agrees to go totally quiet on the topic in exchange for their money.

no one *ever* refuses to keep quiet.

sounds believable to me.


"most of the time they don't even realize."

uh huh.  and we know thats true because no one ever complains about being robbed, right?
Permalink FullNameRequired 
April 16th, 2006 7:03pm
"If your brother's bank is a two-bit local operation you may be right."

ANZ I think.

"The reason I suspect the bank, is that I consider it highly unlikely your brother is the only one. This article, referring to the US, has the title, "Two million accounts robbed".
http://www.msnbc.msn.com/id/5184077/"

right.  not much hushing up going on there huh.  Colm, why didn't the banks hush these people up like they did all the others?

If there *were* 10s of thousands of people hacked at the same time as my brother in law then it must have been because the new zealand database was hacked (the international banks are forced by some regulation or other to keep the databases separate for separate countries).  that means that there would be 10s of thousands of new zealand customers who were also hacked.  given that the population of new zealand is around 4 million, we would have heard about it on the news by now.
Permalink FullNameRequired 
April 16th, 2006 7:06pm
---"what operating systems were the banks that were hacked running?"---

I think we can be sure that whatever it was it wasn't windows. If your bank is running all its services on Windows then you've bigger problems than worrying about hackers.

You are also showing a geek bias here. There is little clever hacking involved. Somebody with access gets a list and sells it.
Permalink Send private email Stephen Jones 
April 16th, 2006 7:07pm
"I think we can be sure that whatever it was it wasn't windows"

yeah, I totally agree.  I would happily have assumed some kind of unix.  luckily though we no longer have to assume or guess...colm has numerous contacts in the industry and a breadth of knowledge in this area and can simply tell us.


right colm?
Permalink FullNameRequired 
April 16th, 2006 7:10pm
"The ideal solution is the use of a 'known good' live linux cd that cannot possibly have had a keylogger installed on it without the criminal needing to physically replace the cd itself. "

No, the ideal solution is to maintain an awareness of your bank accounts and monitor them for unusual activity. Because even if you use the safest possible workstation for your internet banking, you still have to watch out for breaches on the other end.

Look:
3 Million Citibank Customer Records Lost in UPS Shipment
http://www.paymentviews.com/blog/_archives/2005/6/9/924694.html

Bank of America loses a million customer records
http://news.com.com/Bank+of+America+loses+a+million+customer+records/2100-1029_3-5590989.html

Hacked bank server hosts phishing sites
http://www.computerworld.com/securitytopics/security/story/0,10801,109500,00.html

Three Florida Bank servers hacked
http://scmagazine.com/us/news/article/550418/three+florida+bank+servers+hacked/

40 Million Credit Card numbers hacked
http://www.washingtonpost.com/wp-dyn/content/article/2005/06/17/AR2005061701031.html

On Keylogging:
http://www.informationweek.com/shared/printableArticleSrc.jhtml?articleID=168600805
"According to Phil Owens, product manager at Sunbelt Software, the keylogger is known to be present in adware downloads offered at certain porn and hacking sites. He says that users of unpatched Windows systems prior to Windows XP SP2 can have their PCs infected simply by visiting one of these sites. In other instances, a confirmation dialogue box may be the only warning that a dangerous download is about to take place."

[more on that:]
http://sunbeltblog.blogspot.com/2005/09/this-keylogger-thing.html
Not one of the machines we found infected were running Windows XP Service Pack 2.  ALL of the infestations are occurring on older Windows XP systems.
[snip]
During one test, I went to a site that installed the keylogger.  Windows XP SP2, no problem.  Didn't even touch the machine. Unpatched — zing! Instantly infected.

To those that insist on not upgrading to SP2, you are nuts.  Sorry, it's the plain truth.  You're playing with fire.


http://www.consumeraffairs.com/news04/2005/keylogger_scam.html
"None of [the infected computers] had Service Pack 2 on them, and most didn't have Service Pack 1," he said. "Just use the updates and you'll be all right."
Permalink Send private email Steel McLargeHuge 
April 16th, 2006 7:26pm
"To those that insist on not upgrading to SP2, you are nuts.  Sorry, it's the plain truth.  You're playing with fire. "

I agree.  my brother in law *was* running SP2.
Permalink worldsSmallestViolin 
April 16th, 2006 7:45pm
"No, the ideal solution is to maintain an awareness of your bank accounts and monitor them for unusual activity."

huh?  everyone with half a brain does that anyway.  doing so doesn't actually *reduce* the chance  of unusual activity happening though, does it?

"Because even if you use the safest possible workstation for your internet banking, you still have to watch out for breaches on the other end. "

yep.  but that doesn't mean that you shouldn't use the safest possible workstation for your internet banking though, does it?

I mean, catching the crime after the act is good, but actually reducing the chance of the crime occurring is *fantastic*, right philo?
Permalink worldsSmallestViolin 
April 16th, 2006 7:47pm
Well, looking at all the cites I listed, and if he was fully patched and security conscious, which do you think is more likely - keylogger or bank hack/phished?

Here's another hint - keyloggers don't usually just pick one guy. They farm the stuff out like viruses. Viruses spawn security warnings. (A keylogger that could skip through SP2 would probably generate a very high-priority internal memo; I haven't seen one - I'll tell you if I do)

In all sincerity, it's *possible* his desktop was hacked. Given what you've said it's more likely the information was fetched some other way.

And given that you have no clue whatsoever which it is, the best advice is the usual advice - monitor your accounts, keep your workstation (whichever OS) fully patched, run a software firewall.
Permalink Send private email Steel McLargeHuge 
April 16th, 2006 7:52pm
"Well, looking at all the cites I listed, and if he was fully patched and security conscious, which do you think is more likely - keylogger or bank hack/phished? "

I think keylogger.  we'd have *heard* about a bank hack.  Ill let you know if we do though, I guess it might still be coming.


"Here's another hint - keyloggers don't usually just pick one guy."

yeah, I agree with this.  I have a vague feeling it was somehow installed locally.
dunno why, it just feels strange.

It has to be a keylogger, there is no other way for them to get the banking logins.


"A keylogger that could skip through SP2 would probably generate a very high-priority internal memo; I haven't seen one - I'll tell you if I do"

Ill tell you if some other explanation appears.


"In all sincerity, it's *possible* his desktop was hacked. Given what you've said it's more likely the information was fetched some other way."

It really cant have been.  two people (brother in law and secretary) have that info, they only ever access the internet banking for that account from their work.  both people are totally trusted and have been around for years.

interesting though, the transfer was to a new zealand based ANZ account and was withdrawn immediately, so it doesn't seem likely that it was done by the standard 3rd party trojan approach...maybe thats why I think local access was necessary.

"And given that you have no clue whatsoever which it is, the best advice is the usual advice - monitor your accounts, keep your workstation (whichever OS) fully patched, run a software firewall."

yep.  and Im going to suggest that he switch to using a live linux cd for his internet banking (assuming it works with his bank).  it never hurts to be a little more secure.
Permalink worldsSmallestViolin 
April 16th, 2006 8:04pm
One thing that could be done to solve this is to use VMs to run the software that people randomly download from the Internet. That way people can have their porn diallers and not have their computer cracked.

I went to a lecture a couple years ago by Dr. Solomon (created the first anti-virus software) and he said that this was what he did in response to a question about what kind of virus-scanning software he used :)
Permalink Send private email كولم 
April 16th, 2006 8:05pm
>> One thing that could be done to solve this is to use VMs to run the software that people randomly download from the Internet. That way people can have their porn diallers and not have their computer cracked.  <<

I do this.  I have a VM with Undo Disks turned on for when I visit untrusted websites (not just pr0n).  Very helpful when I get link-ambushed by a tinyurl - just stop the VM and don't commit the changes.
Permalink xampl 
April 16th, 2006 9:46pm
BTW, I just work on my desktop. XPSP2, routinely patched. I surf all kinds of sites (including all the drek you lot put up) and I have never had a problem.

I must not be seeing some pretty good stuff...
Permalink Send private email Steel McLargeHuge 
April 16th, 2006 10:22pm
You could just be lucky.
Permalink Send private email كولم 
April 16th, 2006 10:25pm
how would you know if you did?
Permalink worldsSmallestViolin 
April 16th, 2006 10:31pm
I have as much evidence that I don't as you do that your brother did. ;)
Permalink Send private email Steel McLargeHuge 
April 16th, 2006 10:51pm
??? youve had $10k deposited into your bank account? and your harddrive die mysteriously on the same day as the second payment?

incredible.  now *theres* a coincidence.
Permalink worldsSmallestViolin 
April 16th, 2006 10:57pm
Does he still have the hard drive? Contact the FBI (or if you want I can probably find the right person to talk to). Bank fraud *and* malicious computer trespass? They should eat it up...
Permalink Send private email Steel McLargeHuge 
April 16th, 2006 11:23pm
I assume so.  unfortunately hes a new zealand citizen, lives in new zealand and has a new zealand based business so I suspect the FBI may not be particularly interested.

the fraud office here have been notified of course, so it will be interesting to see what comes of it.

Ill keep you posted :)
Permalink worldsSmallestViolin 
April 16th, 2006 11:31pm
<< youve had $10k deposited into your bank account? and your harddrive die mysteriously on the same day as the second payment?  >>

In an alternate universe where major corporations *really* care about their customers:


Sorry about the inconvenience of your hard drive going bad.  We've deposited $10,000 into your account as an apology, and we hope you purchase a replacement drive from us.
Western Digital Corporation
Permalink xampl 
April 17th, 2006 9:44am
Oh that made me laugh so hard.

There are several likely situations but the most unlikely one is that he was stung individually and separately.

The most likely is that it never happened.  He's really got a gambling habit, or a woman on the side or his wife is about to go AWOL.  This doesn't mean any of that is true, just that  its more likely.

Then you have a set of diminishing likelihoods, it's more likely that the bank was hacked at some point in the past and they just got around to the account.  It's just a simpler point of entry and only relies upon one bad employee.

Banks don't advertise when they've been hacked, if they notice it in time then they put the money back and say nothing.  If they don't notice and the client complains and they have a reasonable story then they'll pass it onto the money laundering investigation folk in whichever country, and they'll probably replace the money.

Sometimes the banking system just screws up and direct debits just go astray, pull from the wrong account or fill the wrong account.  Again that's something the bank would rectify.

It has nothing to do with Windows.
Permalink Send private email Simon Lucy 
April 17th, 2006 11:54am

This topic is archived. No further replies will be accepted.
