# Thieves



## Jac-in-a-Box (Nov 9, 2002)

Fuckity, fuck, fuck...

Having a half decent day until the fraud dept. of my bank calls me to ask about "suspicious" transaction.

"Did I use my Maestro card at 0730 this morning?" erm , no.

Upshot is that there are a string of transactions over the last few days amounting to near Â£1200 that haven't been made by me.
Can't/won't give me details on who has asked for payment.

PIA with no debit card, together with the anxiety of wondering who the fuck is have a spending spree with my hard earned. Have no doubts that I'll get the cash back - but can't help wondering how my details were obtained.

Like to think I'm careful...card isn't out of my sight in fuel stations and restaraunts (sp)
Use the card for on-line buying, but use "secure" sites.
Haven't given my Pin No to anyone and the card is in my possesion apart from when paying in shops etc.

Use on-line banking but change my password regularly...so how the fuck it's happened I don't know.

Did have problems with getting a huge amount of spam and links to porns sites. Still get some, but not in the same volumes as a month or two ago.
Installed a paid up version of "Previx1"... spyware/adware stuff (I think) which runs on start up and occasionally drags some suspicious programmes away to "jail"

Ebay account was hacked recently - someone nicked my ID, and I then started getting crap from sellers asking for payment for items "I'd bought"
Don't use Paypal either.

Seemed to be all resolved by Ebay - at least I'd thought so, until I get questions from a "potential" buyer on Ebay USA asking about a laptop I'm selling...I'm not and there is nothing listed on my ebay account suggesting such.
These "ask the seller a question" are being notified by email. When I click the link I'm getting a pop-up window with something about Active X controls not being installed?

More than happy with the bank spotting this fraudulent transaction, I'm concerned that someone has accessed my banking details somehow
While I think I'm sensible with my day to day use of my card - I can't help but wonder if there is something sniffing around in my lappy?

I do give out my bank details to buyers of Swissol goods - often take payments by internet bank transfer, but that's only acc name /sort code/acc No....no address, card security code etc.
I know most of these people - am I being stupid?

Just extremely pissed off....any thoughts on where I'm leaving myself exposed?

Dave


----------



## NaughTTy (Jul 9, 2003)

Bad luck Dave - hope the bank refund all the money with no hassles.

I don't think it matters how careful you are these days - someone will always get the details if they want to. There was a thread here recently that Shell service stations had a mini camera mounted in the ceiling above the Chip&PIN so they could record PIN numbers. :evil:

Also not unusual for your card details to be nicked by businesses like restaurants from their copy of the receipt - too easy for the thief to shop at some places online without all the security details too :x (no specific reason to pick restaurants - just you mentioned it above).


----------



## Private Prozac (Jul 7, 2003)

Jac-in-a-Box said:


> Seemed to be all resolved by Ebay - at least I'd thought so, until I get questions from a "potential" buyer on Ebay USA asking about a laptop I'm selling...I'm not and there is nothing listed on my ebay account suggesting such.
> These "ask the seller a question" are being notified by email. When I click the link I'm getting a pop-up window with something about Active X controls not being installed?


Dave ~ These are Spam. NEVER click on the links. If an e-bay member has asked you a genuine question you would find it in 'My Messages' on your e-bay page.

If you get one of these e-mails, go to e-bay and check your messages. Don't click on links, ideally don't open the e-mail and just get the gist from the subject title preview.

E-bay will never ask you to click on a link to do anything. Nor will Paypal. nor will your bank.

If you receive an e-mail, supposedly from any of these, open another internet page and log on to the relevant site. If they have any message, you will get it when you log in.

Delete the e-mail from your Inbox and Deleted Items box.

Neil.


----------



## Jac-in-a-Box (Nov 9, 2002)

Thanks Neil, done 

Just wondering if I'm suffering the consequences of not being "worldly wise" in all things PC.

Just going over what transactions have been recently on-line with the card. 
None, apart from renewing tax disc on-line with DVLA several days ago...all my debit card details entered on the site.
Would like to think a government type site would secure - then again, perhaps not :?

Good idea to "rub out" my lappy and start again? - perhaps answering my own question?! (standby for some" how do I do this" type of posts"!)

Dave


----------



## kmpowell (May 6, 2002)

Judging by your security precautions, I would hazard a guess at saying that you were either 'skimmed' or an insider at a Petrol Station has sold your details.

My Parents had Â£12k fleeced from their Credit Card a week before christmas. The fraud squad tracked it down to an employee at their local petrol station who was photocopying the till receipts (that dont have your numbers *'d out), and then selling them to contacts overseas (mainly Egypt).


----------



## Private Prozac (Jul 7, 2003)

Dave ~ Don't go OT on this.

I think with all your recent security updates you're fine laptop wise.

Personally I would:

Stick by my comments re e-mails received. Never ever click a link and submit info'. Go direct to the site and check for messages.

If convenient, request new credit/debit cards from your bank. You'll get a replacement in 3-4 days, you can request a new PIN or retain your existing. Might be worth getting new and then thinking of a new PIN to change it to, (not the same as on your old cards).

From memory, I think you loaded a load of software after your porn site visits ( :wink: ), so just update the software and check your lappy. It will find, and then you can delete, any Spyware/Trojans etc.


----------



## ObiWan (Sep 25, 2005)

Sorry to hear of this Dave. Don't just think high tech, somebody could have even lifted your details from your waste bin if you are not shredding your statements or receipts?


----------



## Jac-in-a-Box (Nov 9, 2002)

OK I'll leave the lappy - said with a sigh of relief!

Just visited the bank, it appears one particular transaction for a couple hundred quid flagged up an "unusual activity" this morning. Why that should have happened and whether it was a face to face or online transfer, I can't find out.

Just gone over a statement printout with the bank and confirmed all the transactions that are not mine - it hurts :x

Iban transfers. This is the only area that I think I might have slipped up...sold a couple of expensive watches via an established and reputable watch site recently.
One was to a fellow in Finland who wanted to use IBAN to pay...amongst all the IBAN, BIC, Acc No details etc he also needed my name and address :? 
I've got a payment Ref No but no payment yet - paid last Wednesday (and yes, he's got the watch)

Would this guy need name and address details to make an IBAN payment? How long would an IBAN payment take to reach the recieving account?
I know, ask the bank - can't be arsed with call centre's just now.

Paranoia (sp) setting in.

New cards in 7 days - deep joy. No instant refund of the money - up to two weeks; great.

But thanks for advice so far - appreciated


----------



## Jac-in-a-Box (Nov 9, 2002)

TT2BMW said:


> From memory, I think you loaded a load of software after* your son's or wife's* porn site visits ( :wink: ), so just update the software and check your lappy. It will find, and then you can delete, any Spyware/Trojans etc.


Ammended. I'm far too old to get any benefit from such places :wink:

Dave


----------



## Wallsendmag (Feb 12, 2004)

Jac-in-a-Box said:


> OK I'll leave the lappy - said with a sigh of relief!
> 
> Just visited the bank, it appears one particular transaction for a couple hundred quid flagged up an "unusual activity" this morning. Why that should have happened and whether it was a face to face or online transfer, I can't find out.
> 
> ...


If you need some money the cars filthy :wink: Seriously though a few people at work have had thei cards skimmed some don't even have a pc so dont't worry about that as long as you take all the usual precautions you'll be fine.


----------



## trev (Aug 5, 2005)

Sorry to hear about your bad news Dave, had this done to my switch card last year, found out it was the manager at comet dunfermline, after we bought a washing machine took Â£500 out of our account, Was paid back in full by the bank after a couple of days,


----------



## Private Prozac (Jul 7, 2003)

Yeah, but Trev ......it all came out in the wash didn't it? :lol: :lol: :lol:

D'ya gettit? 'Out in the wash' .....washing machine!

OK. I know where I left it. I'll go and put it on!!


----------



## Toshiba (Jul 8, 2004)

kmpowell said:


> Judging by your security precautions, I would hazard a guess at saying that you were either 'skimmed' or an insider at a Petrol Station has sold your details.


Its more likely to be a bank employee in India selling your details on rather than some one skimming. Not worked on banking systems for a while, but skimming can be traced quickly as all the victims use the same outlet/s.

Not binned anything with you details on that come through the mail? or had anything go missing from the mail?


----------



## trev (Aug 5, 2005)

TT2BMW said:


> Yeah, but Trev ......it all came out in the wash didn't it? :lol: :lol: :lol:
> 
> D'ya gettit? 'Out in the wash' .....washing machine!
> 
> OK. I know where I left it. I'll go and put it on!!


 :lol: you better leave it on :wink:


----------



## BreTT (Oct 30, 2002)

Hi Dave,

Sorry to hear your tale of woe - the bank should come through for you even if it does take a few weeks. Some of the anti-fraud software that detects unusual transactions is incredibly sophisticated, which is why the banks pay a lot of money for them. Tragically, they need hardware to run it on....somebody call? Some of my commission last year paid for your visit 

Cheers,
Brett

P.S. Love to Jackie


----------



## veldtmeyer (Jan 19, 2006)

I may have missed it, but do you have an up to date firewall? If you are using Broadband and don't have one you are essentially broadcasting to anyone thats listenting that your computer is open for business. Hackers and other reprobates can use a port scanning program to see if ports are open on your computer and then exploit them to gain access.

If you're unsure you can visit www.hackerwatch.org (sponsored by McAfee) and you can get it to test your ports and establish whether you are protected.

However, it is more likely that unshredded papers in the bin are the most common sources of fraudulent transactions.

Hope you get your refunds soon 

Cheers

*Veldtmeyer*


----------



## proteu5 (Apr 24, 2006)

HI Dave,

Sorry to hear of your trouble... I had this same issue last year with my bank account. First I knew about it was when my bank called me up and began asking me about specific transactions on my account, which later turned out to be fraudulent. My banking details had been discovered in a police raid on a gang in London, where several people were arrested on fraud charges. It turns out that they were caught with thousands of account numbers and cloned cards. 
I did get back all my money within 2 weeks. For my own peace of mind I asked my bank to give me a totally new account number. Once your banking details are out there they can and will be bought and sold within the criminal community. I have got no idea how they got my details as I am pretty cautious with my cash & credit cards like yourself... Working in IT security for a Legal firm I hear about this type of fraud all too frequently.... Its a sad world we live in...


----------



## episteme (Mar 30, 2006)

Dave, after all the advice you have given me, FINALLY I can return the favour, as this is my area of expertise! Consider this my 'tip-sheet' :lol:

- Never use *debit* cards online. Unlike credit cards, you're not necessarily protected. Should fraud occur on your account with a credit card, they should (and don't be afraid to point that out) remove the transactions immediately from your account (after going through the necessary questions they're legally obliged to ask you). You CANNOT be charged for transactions online (whether you made them or not)

- Although payments to secure sites are secure in the sense they use SSL (the data passed between host and client is encrypted preventing, theoretically, MITM attacks) the data is NOT necessarily stored securely when received. Once paid, the confidentiality of your information is purely at the discretion of the person handling it...

- If you use a wireless network, make sure you use WPA as opposed to WEP. WEP keys are *extremely* easy to recover. This in turn will lead to easy sniffing of network traffic from your wireless clients as the WEP key permits authentication. _This is currently the most common way of identity theft taking place._ Wireless networks are a playground for the bored. 

With WPA enabled, make sure your pre-shared key is the maximum length of 63 characters, using mixed case and special characters. WPA keys are much, much more difficult to crack. Further, do NOT go down the "security by obscurity" route which many seem to. Disabling the Access Point from broadcasting its SSID (the 'name' of the access point) doesn't hide it from all but the lamest idiot.

- Install a packet filter and, if you're using Windows, some half decent anti-virus software. The packet filter (or 'firewall') is more to protect you from the inside out, as it (should) inform you of any unauthorised programs attempting to communicate outside of your network. While denial of service attacks may be common from the outside on desktops, compromising of the machine is not as, unless you're running a web or ftp server or using some form of remote desktop connection, it's unlikely you will have any truly open ports. If using Windows, don't open emails from people you don't know, don't accept screensavers, Jpegs, music files or anything from people you don't know and never ever ever accept Active-X prompts on websites. Active-X is possibly the worst idea in the world, ever and was lauded with much applause in black-hat community as it made rooting Windows machines 1000x easier. Thanks Microsoft.

In a huge swathe of "LOL SORRY!!!" from Microsoft, Active-X been removed altogether from it's new secure (lol) OS, Vista.

Other than that, you've nothing to worry about! If you want I can give you a small program which you can run on your laptop which will produce a log. I can view said log and see if anything is present which shouldn't be. If you don't have any anti-virus software, then id recommend this:

http://www.clamav.net/

A version for Windows is available here:

http://w32.clamav.net/

As with any anti-virus software, it should be updated at least once daily and a full system scan performed at LEAST weekly - preferably more. Both tasks can be automated.

Any questions, by all means ask. :wink: Cheers,

Jamie.


----------



## s3_lurker (May 6, 2002)

I use MAC address filtering on my wireless network. Is this secure?


----------



## episteme (Mar 30, 2006)

s3_lurker said:


> I use MAC address filtering on my wireless network. Is this secure?


By itself, absolutely not. In fact, it's fairly pointless even used in tandem with WEP or WPA. This is because MAC addresses are very easily spoofed, as you can see from my screen here. Although the MAC address is physical in the sense that it is indeed "burnt" into the card at manufacture (unlike a logical IP address), and is several layers lower in the network stack, it's still part of that stack and therefore can be manipulated. The command I issue here does just that and the information it gives back is fairly self-explanatory 

Observe the box on the left hand side of the screen:


----------



## Private Prozac (Jul 7, 2003)

Blimey Jamie, you actually sound like you know something! Not just a pretty lap to sit on eh?

P.S. Top centre of your screenshot 'Playboy UK' ~ you dirty little wanker!


----------



## episteme (Mar 30, 2006)

TT2BMW said:


> Blimey Jamie, you actually sound like you know something! Not just a pretty lap to sit on eh?
> 
> P.S. Top centre of your screenshot 'Playboy UK' ~ you dirty little wanker!


:lol: Not completely useless, see!

As for the playboy thing, well, I have a perfectly valid excuse for that, it's who I work for :lol:


----------



## A3DFU (May 7, 2002)

Jac-in-a-Box said:


> Fuckity, fuck, fuck...
> 
> Having a half decent day until the fraud dept. of my bank calls me to ask about "suspicious" transaction.
> 
> ...


Dave,

my lad, Rainer, just had the same thing happening to him: Â£800 worth of goods been bought through his CC. It were all on-line transactions with "card not present". He found out that he had a Troyan on his PC!!
Thankfully, he got his money back from the CC company.

Good luck with your's


----------



## episteme (Mar 30, 2006)

_He found out that he had a Troyan on his PC!!_

Is why you follow point 4 of my tip sheet.

_Thankfully, he got his money back from the CC company._

Is why you follow point 1 of my tip sheet.


----------



## A3DFU (May 7, 2002)

episteme said:


> _He found out that he had a Troyan on his PC!!_
> 
> Is why you follow point 4 of my tip sheet.
> 
> ...


Hokay .... I never read your post ... just Daves.

So, what did you say :wink:


----------



## episteme (Mar 30, 2006)

A3DFU said:


> episteme said:
> 
> 
> > _He found out that he had a Troyan on his PC!!_
> ...


It's on page 2 of this here thread.


----------



## A3DFU (May 7, 2002)

episteme said:


> A3DFU said:
> 
> 
> > episteme said:
> ...


Ohhh .... how do I get to page 2 :roll:

ps, well, I duly read page 2 now ... but I ddn't understand a word you said. I think the essence is: be careful in how you use your details on-line?


----------



## episteme (Mar 30, 2006)

A3DFU said:


> ps, well, I duly read page 2 now ... but I ddn't understand a word you said. I think the essence is: be careful in how you use your details on-line?


Well yes, that and make sure you make at least a half-hearted attempt to try and secure a proactively insecure operating system. (i.e. Windows)


----------



## s3_lurker (May 6, 2002)

episteme said:


> s3_lurker said:
> 
> 
> > I use MAC address filtering on my wireless network. Is this secure?
> ...


Thanks for that. Back to the ethernet cable methinks!


----------



## episteme (Mar 30, 2006)

s3_lurker said:


> episteme said:
> 
> 
> > s3_lurker said:
> ...


:lol: Believe it or not WEP was chosen as the initialisation for that brilliant technology, as it stood for "Wired Equivalent Privacy." That could almost be taken as sarcasm on their part. Failures.

To be honest, if you're using a wireless router, it should have WPA as an option on it. If you let me know what make/model it is, ill find out for you and write you a very easy how-to for how to configure it. (It's really quite easy)


----------



## Jac-in-a-Box (Nov 9, 2002)

Only just noticed this - and thanks for the advice Jamie, appreciated 

I'll not pretend to understand it, but I'll run the programme tomorrow and let you see the results.

I've got a firewall and all the other "stuff" I mentioned earlier - all on auto updates with weekly scans. Feel reasonably confident that I'm as secure as can be....well, I think I am.

As for the money; all back without any problems - just a PIA having no cards for 10 days. All back to normal now.

Bank wouldn't tell me who had the money, it appears it was two fraudulent transactions. Although the bank won't tell me, I know who triggered the banks fraud dept into action...my f'ing insurance company.

One of the transactions was for exactly the amount of my renewal premium at 7.00 am; an odd time for a broker to be working.
Having spoken to the broker, they deny doing anything other than a "transaction authorisation" for my renewal in 3 weeks time....to see if my card "still worked"
A week after the insurers lifted the money the letter with my renewal details arrived!

AFAIC, they took the money without my authorisation and without me haven given the go-ahead for acceptance of the renewal premium. 
Letter has gone to the insurance ombudsman.

This was the same bunch of tossers that saw me off with a duff policy when my BM caught fire last year.
Not sure if the remainder of the missing cash is down to them or not.

Not down to any negligence on my behalf - or duff security on the lappy. It does make you wonder who plays around with your card details that have been passed by phone...I'd never have imagined that an "established institution" would have been the culprit for all or part of the fraud.

Going to keep my cash under the bed from now on!

Dave


----------



## episteme (Mar 30, 2006)

Jac-in-a-Box said:


> Only just noticed this - and thanks for the advice Jamie, appreciated
> 
> I'll not pretend to understand it, but I'll run the programme tomorrow and let you see the results.
> 
> ...


Hang on, run the program?? I haven't given it to you yet! I've got your email, so I'll send it that way.

Yes, sadly merchant fraud is the thing you can't possibly defend against. At the end of the day, you have to trust someone at some stage, or else you end up hiding your money under the mattress! Oh hang on, that's your next plan!! :lol: See you on the tour, speak to you via email,

Cheers,

Jamie.


----------



## Jac-in-a-Box (Nov 9, 2002)

You're right...I didn't read and understand :roll:

The joys of being aged and knackered :wink:

Dave


----------



## episteme (Mar 30, 2006)

Jac-in-a-Box said:


> You're right...I didn't read and understand :roll:
> 
> The joys of being aged and knackered :wink:
> 
> Dave


:lol: - you have email


----------

