2K taken from account - online fraud

butterfly72

I've had 2K taken from my A&L account. It cant be a chip and pin fraud because I have never used my card!

I have had problems with my computer recently which I thought were sorted. Today I was unable to log in to my Halifax account and noticed the log in page was different. I phoned them, explained and they suggested it might be a virus. They suspended my account and I ran a virus checker picking up trojans and virus etc. Anyway, I was then able to get in to my halifax account.

I then decided to check my A&L account.. and sure enough 2K had been taken out..:mad: it looked like a regular payment. I've phoned A&L and they have suspended my account and will investigate. Is there anything else I can do/need to do? Would I normally get the money back? Is there any guidance on MSE that I can read?

Many thanks

ray123

The Banking Code:

10.3 If we confirm a transaction is unauthorised, we will
refund any interest charged, unless you have acted
fraudulently or without reasonable care (see under
sections 12.5 and 12.11).

12.5 • Try to remember your PIN, password and other
security information, and securely destroy the
notice as soon as you receive it.
• Never write down or record your PIN, password or
other security information.

Liability for losses
12.11 If you act fraudulently, you will be responsible for all
losses on your account. If you act without reasonable
care, and this causes losses, you may be responsible
for them. (This may apply, for example, if you do not
follow section 12.5 or 12.9 or you do not keep to your
account’s terms and conditions.)

butterfly72

Had a phone call from A&L this am. They have already refunded the 2K! Seems a bit quick. I wonder if they knew something about the account the money went to?!? I thought they would have to investigate and it would take a couple of months.

It looks like the virus had altered the log in page and it asked for additional information which was then copied/intercepted. I now do remember entering my password which you don't normally do at the log in page. You normally just use the password when you set up a new payee. I just thought that A&L were asking for extra security details... a good thing:eek: Oh course they got my details, went in and set up a payment.

Whats scarey is that I went to the log in page as normal through my favourites. I didn't open a phising email. I've now been advised to never go through my favourites but through a search egine. I didn't realise you shouldn't go through favourites.

Anyway my lessons learnt are:

• if the log in page looks different don't assume that they have changed the log in page. Be suspicious!!!!
• If you have to give any additional information: DON'T!!!
• Dont go through favourites to get to the banks site
• Occasionally change log in details and passwords etc.
• Run anti malware/virus etc a bit more often

I hope this helps someone! and if you have any more tips please let me know!

ray123

My online accounts give the time and date last logged in (in top right corner).
Each time you log in, make a note of it in your calender on your mobile.
Next time you log in, check that the time/date correspond to the info in your phone!

Also, I now use firefox, as internet explorer seems to be more susceptible to hackers and malware.
With firefox, you are able to turn off the javaware script, etc.

martafdz

I also use Firefox.
I always check that the url that appears in the bar is the address of my bank, and not some strange looking one.
When it's a secure website (paypal, online banking...), I have a green icon thing next to my address bar, so I always see if it is there.
I always type the url of the bank, then acces to the online banking option from there.
I never ever give my full password, actually, if for whatever reason it gives me the message of "your password was wrong, please try again" and it asks for different characters, I again double check that everything looks normal.
I always check that the time and details of my last login, as they appear in the welcome screen, are right.

About giving you the money back, I thing you were right by contacting your bank inmediately. Transfers, standing orders and similar things can be claimed back sometimes, as long as this is done in the same day before 3pm or so. I am not sure if all the banks do it, I know mine does, unless it is a faster payment, which you can't claim back.

This happened in my branch a while ago: a customer came in to withdraw quite a large amount of money from an account. He didn't have the card with him, but he could answer every security questions, including security password and details of the account. One of my colleagues was quite suspicious, as the guy seemed a bit "in a rush" and he was not known by anyone. Just in case, he decided to call the telephone number that appeared in the system for that customer. Somebody answered and said he was the account holder. When asked for security questions to confirm he was who he said he was, he said that someone had called him before to do exactly the same, and asked if everything was ok. At the end we found out that the guy at the counter (or any other working with him) called the real customer and told him that they had detected some attempts of fraud on his account, they prompted him to reset the password and security questions, but as he was at work at the time and there was no time to lose, they asked him to give the details over the phone so they could change them for him and prevent any access to his details. With this, they had access to all his details and accounts, they made some transfers online, but as there was a limit, they decided to go into different branches to withdraw some cash aswell. The real customer was shocked. Never, ever, ever give your password. If someone claims to be calling you from the bank and asks you for details, ask them in which branch they are, what's their name and say you are calling them back. Look up the number on the yellow pages and call to the branch. If they say it's a call center or a customer service thing, say that you will deal with that on branch, and call then the branch to check if whatever they have told you over the phone is right. But again, never give any password!
I just received two emails for phising Paypal accounts this week, I often receive emails from banks I do not even bank with. In doubt, never click a link, go to the browser and type the url address yourself.

butterfly72

ray123 wrote: »

Also, I now use firefox, as internet explorer seems to be more susceptible to hackers and malware.
With firefox, you are able to turn off the javaware script, etc.

Please can you explain the relevance of javaware script etc in relation to malware and hackers.:o Thanks

I've had a look at Firefox and it looks very good. I'm going to consider it!

456789

Javascript can be used to make websites do fancy things unfortunately hackers can also modifty pages with scripts and steal info sometimes. You can block javascript by using firefox addons such as noscript but then some websites won't work properly

bubblesbonbon

Hi
I do not want to turn this post into a techie discussion since there is already an excellent forum here that contains sound advice regarding on line security.

However, I would like to point out that there are some viruses/trojans out there that can manipulate the address that ANY browser is pointing to, whether this is typed in directly or referenced from favourites or bookmarks. One way that they do this is by changing a small file buried in the Windows directory called “hosts” that acts like as a first line look up for internet addresses.

There are plenty of articles that describe the hosts file on the internet but the point that I would make is that the first line of defence against such attacks is a good, regularly updated anti virus package or better still, an Internet Security Suite (backed up with a couple of malware scanners if you do a lot of gaming or other interactive stuff)

Here is a link to a good bit of more detailed advice from the MSE Techie board
http://forums.moneysavingexpert.com/showpost.html?p=19207201&postcount=1161

If you add these measures the common sense rule of NEVER responding to any request, no matter from which source, for banking or personal details, then you should be able to rest easier than a MP on Valium.

10_66

butterfly72 wrote: »

I've now been advised to never go through my favourites but through a search egine.

I didn't realise you shouldn't use favourites either, but if you search for a website through a search engine, how do you know that the result produces a legitimate website? If you don't know exactly what the web address is, is it not possible for a fake site to come up via a search? Sorry if I should know the answer to this.

ray123

Am not too sure, but would imagine that the website itself would be in someway corrupt. It has been done to an extent a year or so ago, but was fixed immediately. It seems that the internet itself is full of anomolies and loopholes!
When on the required website, as mentioned above, be vigilant. When signing into an online account, you should be connected to a secure server. If you click the padlock on the address bar, a security certificate will be displayed from the revelant bank.
Also, on a secure site the web address will begin https rather than http. Again, not sure why, but it is something to keep an eye on!