We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Warning about trojans - especially if you are a Yorkshire Bank customer!
Options
Comments
-
Note: I am not being sarcastic, OSX is distant cousin of Linux. A Unix OS that has been !!!!!!!ised by Apple and made closed source.
Update: Ten point if you guess the word MSE has blanked out. I used it for it's true meaning not to curse.
I read past the exclamation marks and I claim my 10 pointsYou've never seen me, but I've been here all along - watching and learning...:cool:0 -
LongTermLurker wrote: »I read past the exclamation marks and I claim my 10 points
:rotfl: Good job.Anything I post is my opinion, so from time to time I may be wrong. I try to provide answers based in fact, however I don't know everything, so (like all posters on MSE), take what I say with a pinch of salt.0 -
Anti-virus definitions are reactive by nature. They cannot detect something they have not seen before.Surely its just down to the user having anti virus, a firewall plus any other protectiona nd keeping it uptodate, keep the passwords all different and include numbers, capital letters
There are kits available for building and obscuring bespoke malware which won't be detected by anti-virus software. The likes of virus total where you can upload files to and have a lot of AV products scan can give the bad guys an advantage - they just keep tweaking their malware until nothing detects it.0 -
There have been changes to the Yorkshire Bank Log-in page this month.
Three entries have to be made to access the account:
1 A customer personal number, not related to the bank account number
2 Three specific but random characters from a password
3 A piece of memorable information
A screenshot would not show the answers in 2 or 3, as the characters entered are not displayed.
Item 2, even if key-logged, would require both the screenshot and the keylog to identify position and the identity of the three characters requested and several log-ins would need to be recorded in order to work out the complete password.
The log-in is now much more secure than when this thread started but is still not so secure as the LloydsTSB site which uses a series of drop-down options to select the similar information in 2 above.
As far as I can see, the info above is incorrect. They havent changed anything. YB may be intending to make some changes but the login procedure is still exactly the same as it was before.0 -
As far as I can see, the info above is incorrect. They havent changed anything. YB may be intending to make some changes but the login procedure is still exactly the same as it was before.
Funny, mine no longer asks for the password in it's entirity and asks for three random characters..
The main problem I can see in using drop down boxes for anything other than numbers is the combination of capital and lower case letters, numbers and punctuation marks would be a massive amount, which would lead to a lot of confusion.0 -
Heuristics.mr_fishbulb wrote: »Anti-virus definitions are reactive by nature. They cannot detect something they have not seen before.You've never seen me, but I've been here all along - watching and learning...:cool:0 -
True, it is possible for an antivirus to detect 'suspicious' behaviour, but you do seem to miss the paragraph where mr_fishbulb describes the process of designing malware specifically to get past antivirus engines. Anyone who believes they are invulnerable to malware because of the antivirus software they run is fooling themselves. It reduces the risk, but doesn't remove it, which is the point I think mr_fishbulb was trying to make.LongTermLurker wrote: »Heuristics.0 -
Anyone who believes they are invulnerable to malware because of the antivirus software they run is fooling themselves. It reduces the risk, but doesn't remove it, which is the point I think mr_fishbulb was trying to make.
It is always a question of trying to minimise the risks - that calls for multiple approaches firewall, malware/spyware detectors, anti-virus, prudent use of internet and above all common sense.0 -
Agreed, but my point was that it is possible to detect something you've not seen before, whether you're talking AV or Intrusion Detection. Unfortunately, a lot of AV products turn off heuristics by default and they can give rise to false positives.True, it is possible for an antivirus to detect 'suspicious' behaviour, but you do seem to miss the paragraph where mr_fishbulb describes the process of designing malware specifically to get past antivirus engines. Anyone who believes they are invulnerable to malware because of the antivirus software they run is fooling themselves. It reduces the risk, but doesn't remove it, which is the point I think mr_fishbulb was trying to make.
td has it right ^^ - layered security and being "web wise" is most important, though I'm not suggestion everyone goes out and buys an IPS system!You've never seen me, but I've been here all along - watching and learning...:cool:0 -
True, but the point I was making earlier is there is only so much this can do. You can make yourself a harder target than the next guy by due diligence on your security, but as long as banks use one-factor authentication, we will all be at a higher risk.It is always a question of trying to minimise the risks - that calls for multiple approaches firewall, malware/spyware detectors, anti-virus, prudent use of internet and above all common sense.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.1K Banking & Borrowing
- 253.2K Reduce Debt & Boost Income
- 453.6K Spending & Discounts
- 244.1K Work, Benefits & Business
- 599.1K Mortgages, Homes & Bills
- 177K Life & Family
- 257.5K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards