Warning about trojans - especially if you are a Yorkshire Bank customer!

masonic

Andystriker wrote: »

I use AVG and Spybot Search & Destroy and run scans weekly.

If any of us were attacked by these trojans and they were successful in emptying our accounts with keylogging or Copy screenprints who would take the final loss?

Would the bank/building society stand the loss or would we customers lose the money.

In my case we are talking my life savings, so this is serious.

Andy

As long as you follow your bank's advice on keeping your PC and passwords secure, then they will normally reimburse you for this type of fraud. Of course, you shouldn't neglect the issue of not having access to the money for some time if something like that were to happen.

The one thing you are doing at the moment that might be a problem is keeping a record of your passwords. You should avoid doing that, but if you have to do it, do it in such a way nobody could find out you were doing it.

david39

There have been changes to the Yorkshire Bank Log-in page this month.

Three entries have to be made to access the account:

1 A customer personal number, not related to the bank account number

2 Three specific but random characters from a password

3 A piece of memorable information

A screenshot would not show the answers in 2 or 3, as the characters entered are not displayed.

Item 2, even if key-logged, would require both the screenshot and the keylog to identify position and the identity of the three characters requested and several log-ins would need to be recorded in order to work out the complete password.

The log-in is now much more secure than when this thread started but is still not so secure as the LloydsTSB site which uses a series of drop-down options to select the similar information in 2 above.

td_007

First of all a firewall is important - this is more like putting a door to you house. Rather than letting someone in first and deciding to kick them out or offer them tea, you would prefer to know who it is before letting them in the first place. A firewall essentially does this by allowing you to control which programs access the internet and whoconnects to you via internet.

Andystriker wrote: »

I use AVG and Spybot Search & Destroy and run scans weekly.

And I also assume you have them on auto-update mode so that new definitions are added as soon as they are available and the program is set to auto scan (not sure if it is possible with AVG) any dowloads or programs that are or are being executed or attempting to connect to the internet

Andystriker wrote: »

If any of us were attacked by these trojans and they were successful in emptying our accounts with keylogging or Copy screenprints who would take the final loss? Would the bank/building society stand the loss or would we customers lose the money.

Banks do make it a point to insist that we have up-todate protection in place. This however is too general requirement and my guess is for the time should anything happen along the lines you mention banks will refund.

But all this could change as it is happening with cards and PINs. Initially banks quite easily refunded money lost through ATM fraud but now banks are becoming more reluctant.

In future you might see banks insist that you install a particular anti-virus or program without which they will not provide a guarantee.

butterfly72

Andystriker wrote: »

If any of us were attacked by these trojans and they were successful in emptying our accounts with keylogging or Copy screenprints who would take the final loss?Andy

I had one of these trojans on my computer and they managed to get into my A&L account and take 2K. When I phone A&L they were crap and I had to tell them to block my account!! I had no idea that I had the trojan as the A&L log in page looked just the same as normal, the difference being that they asked for my password (which they don't normally do at the log in). I just thought they were being extra cautious! BTW, they refunded the money the next day.

The trojan also targeted my halifax login page, but that looked different and I knew something was up. I rang them and they were really good and very efficient.

As well as using all the virus checkers and malware checkers and the like, I also read that using Firefox is more secure than explorer. I'm still looking into this. Theres a good thread on the techie board on this subject.

Andystriker

masonic wrote: »

The one thing you are doing at the moment that might be a problem is keeping a record of your passwords. You should avoid doing that, but if you have to do it, do it in such a way nobody could find out you were doing it.

If I keep my passwords on a usb memory stick (not my hard-drive) how could they find out I was doing it. I certainly would not tell them.

td_007

butterfly72 wrote: »

I had no idea that I had the trojan as the A&L log in page looked just the same as normal, the difference being that they asked for my password (which they don't normally do at the log in). I just thought they were being extra cautious! BTW, they refunded the money the next day.

The trojan also targeted my halifax login page, but that looked different and I knew something was up.

You are absolutely right - the fake login pages are beginning to look more and more like the original pages.

However, the first thing one need to look at even before looking at the login page is web address and make sure it starts with https - it is the "s" at the end that tells you if it the orginal secure page. Additionally, you will also see a lock symbol at the bottom (usually) of the screen. If there is no "s" and no lock - never put in any personal information.[/QUOTE]

masonic

td_007 wrote: »

In future you might see banks insist that you install a particular anti-virus or program without which they will not provide a guarantee.

As much as I hope this will never happen, banks seem to already be moving in that direction. For example, Natwest already recommends all of its online customers install 'Trusteer Rapport', begging the question, what happens if someone falls victim to online fraud and hasn't done so?.

Andystriker

td_007

I do an update on AVG every time I turn the computer on. I have a Windows Firewall.

I always check the 'S' after http.

Also I use software called rapport. This was downloaded from the Nat West site and confirms the bank site I am on is genuine.

I don't know what else I can do.

Andy

masonic

Andystriker wrote: »

If I keep my passwords on a usb memory stick (not my hard-drive) how could they find out I was doing it. I certainly would not tell them.

There's not really any difference between storing it on USB or a hard drive as far as that is concerned. It's been shown that even information on external media will tend to leach onto the hard drive of a PC when it is accessed. However, I don't think banks are in the habit of impounding and searching the PCs of fraud victims.

The most likely way they would find out is if somebody else were to let it slip.

Extant

masonic wrote: »

As much as I hope this will never happen, banks seem to already be moving in that direction. For example, Natwest already recommends all of its online customers install 'Trusteer Rapport', begging the question, what happens if someone falls victim to online fraud and hasn't done so?.

The Banking Code says that...

Banking_Code,_section_12.13 wrote:

Unless you have acted fraudulently or without reasonable care (for example by not following the advice in section 12.9), you will not be liable for losses caused by someone else which take place through your online banking service.

The cited section 12.9 says that:

Banking_Code,_section_12.9 wrote:

Online banking is safe and convenient as long as you take a number of simple precautions. Please make sure you follow the advice given below.

• Keep your PC secure. Use up-to-date anti-virus and spyware software and a personal firewall.
• Keep your passwords and PINs secret.
• We (or the police) will never contact you to ask you for your online banking or payment card PINs, or your password information.
• Treat e-mails you receive from senders claiming to be from your bank or building society with caution and be wary of e-mails or calls asking you for any personal security details.
• Always access internet banking sites by typing the bank or building society’s address into your web browser. Never go to an internet banking site from a link in an e-mail and then enter personal details.
• Follow our advice – our websites are usually a goodplace to get help and guidance on how to stay safe online.
• Visit www.banksafeonline.org.uk for useful information.

It is up to the bank/building society to prove that you did not act with care, you do not have to prove you acted with care.