Attempted internet bank details theft

Fruitcake

I belive I am the victim of an attempt by person or persons unknown to obtain my internet bank security details.

Something nasty got past my Spyware and Antivirus programmes, despite the latest automatic updates, and badly infected my confuser. I ran several cleanup scans but still had problems with slow response and freezing.

When I logged on to my Woolwich internet bank account, it asked me for my account number, password, and two digits from my PIN as usual. After this I was taken to a very realistic looking "Woolwich" internet bank page, but one that I had never seen before. In the middle was a message saying that my information had not been recognised and invited me to enter my PIN in the space provided.

I was immediately suspicious so I 'phoned Woolwich straight away. They confirmed that something was amis so I got them to freeze the security login details and issue me with a new Password and Pin. When I checked back from another confuser my account had been locked as requested.

I then disconnected the infected confuser ready to have its hard drive wiped and reverted to an older and slower machine in the meantime that hopefully is "clean".

The giveaway was that the bank only ever asks for two digits from your PIN and if you get them wrong you get the same page again and are asked to enter the same two digits.
You are never asked for the whole PIN, and you are never asked for two different digits if you get the first two wrong.

The worrying thing is that this wasn't done through a scam E-mail, it was by being redirected to a fake web page from a real one. Presumeably this was through a worm or spyware programme that came in unseen from another file or website.

Anyway, I was lucky. I spotted it in time and the only effect it has had is that I will have to wait a few days for new security details before I can bank online again.

Don't let it happen to you. If in doubt, logout and 'phone the bank straight away.

Fruitcake

You Only Listen To Me When I'm Wrong

Justicia

Fruitcake wrote:

In the middle was a message saying that my information had not been recognised and invited me to enter my PIN in the space provided.

Well done in spotting the fake! Sadly, many people evidently do not and continue adding their full PIN number, while the scammer smugly looks on from his/her net connection...

Be sure to advise others, that you know use internet banking, of your story as education is the key in preventing this kind of fraud.

Browntoa

there is a new "sticky" in the Techie part of the forum on how to effectively deal with these sort of infections

http://forums.moneysavingexpert.com/showthread.html?t=133269

ditzymuppet

Heya

I've just been doing a module on this @ uni [cyber crime].

Hackers (usually from Russian gangs/people not based in the UK) hack into one page so that you get the one main page, which takes you through to the hacked link...it'll usually look very professional, which is how the money is made...

Unfortunately this form of hacking undermines the security offered by online banking. But as long as you are sensible, that's the main thing.

Good luck with clearing your computer of all the bugs and yucky bits

~ditzy x

waterbaby

The halifax login just asks for user name, password and a question eg first school. There's no random digit stuff. That's bad, isn't it?

Justicia

waterbaby wrote:

The halifax login just asks for user name, password and a question eg first school. There's no random digit stuff. That's bad, isn't it?

I would actually suggest that generally it is not.

Unless you flash your password around to all, then you should be fairly safe. Also make sure that your password is a long, combination of both numbers and letters and even better.

Do as the OP has done and check any suspicions out with the account provider (bank, etc.), do not ever give your PIN to a website (as you will NEVER be asked for it by a legitimate site) and all will be safe.

Be proactive against fraud and there's very little chance of an issue arising

peter_the_piper

And don't let your browser remember the password. Its ok for this site but hazardous for Banks

gromituk

waterbaby wrote:

The halifax login just asks for user name, password and a question eg first school. There's no random digit stuff. That's bad, isn't it?

It's not too bad because the question will be randomly picked. There may not be many different questions, though.

Alliance and Leicester is even worse as it just asks for your customer number and 5-digit PIN. However, once you are in, it asks for 2 digits of another secret string whenever you do something like transfer money.

Nationwide asks for two digits of a six-digit code, from a drop-down menu which you select with the mouse, making it impossible for simple keystroke loggers to get the information.

debjacks_2

Hi, my mum has just arrived home from the city today in tears. She went into a shop to pay for some items to have her card rejected. She then went to withdraw cash from a cash point only to also be refused, thinking nothing of it decided to go home, luckily a sister had rang and convinced her to go into her bank. She was then told her account was overdrawn and there was a hold on the account. A bet with an online company BET365.com had taken payment of £2000 for a bet placed on Tuesday, thus clearing out this account. My mums only bet is on the lottery! The bank were kind of sympathetic but made her cut up her cards and return her cheque book to them there and then. They say they will get their fraud department to look into it but this will take days. My mum was saving for 2 of my sisters who are getting married shortly. Might I also say the reason i am posting here is because my mum banks with the Alliance and Leicester.
Please can any one help or assist us in this as my mum is devestated.
Surely for a transaction of that size the bank should have called to check it was correct or the company atleast ask questions.
Is the bank liable or is my mum?
Joke of it is tomorrow is payday and she can't touch it.
She was told the bank think it is card cloning but mum does use the website more than a cash point and a couple of weeks ago had managed to lock herself out of her account and had to be reissuesd with new details. Could this be how it has happened?

Browntoa

get her to check her PC by following the thread I posted back a few posts

Becles

I was in a similar situation with Smile bank. I'd never used my debit card on the internet, never let it out of my site in shops, and had never noticed any card readers on ATM's. However, someone still managed clone it and cleaned out my account. The purchases were made in Hong Kong. The cloned card had my sort code and account number on, but it had a foreign gentlemans name on it. Smile said there are criminal gangs who have card number generating software which generates valid card and expiry date combinations which they put on cards with fake names, which they said had probably happened with mine.

Smile were really good about it though. They stopped the debit card and returned the stolen money to my account immediately. A new debit card was sent out within a few days.

At the time I was on holiday in London for a few days and first became aware of the problem when an ATM "ate" my card. As I was unable to get cash, they made arrangements for me to collect some cash in person from a London Co-Op bank branch.

I would go back to Alliance and Leicester and see if they can arrange for some or all of the money to be returned while they investigate. It's not fair leaving your mother with no money while they sort it out.