internet banking fraud

chainsaw

I have just discovered that I have lost several thousand pounds by internet banking fraud. It seems that whilst on my banks website I was asked to reset my card reader which I did however what I was actually doing was giving the the OK for a deduction from my account. Looking back I can see it was a mistake but at the time it seemed convincing enough.

Obviously I want to warn people of this scam but I would also like to know if anyone else has had this experience? What happened? Did the bank cover the loss?

When I joined internet banking I only intended having my current account on line but my savings and credit card was also there. I think they just appeared but I might have asked for them to be there. I suggest to everyone they only have their current accounts on line. I may not even have that now.

Funkyfreddy

chainsaw wrote: »

I have just discovered that I have lost several thousand pounds by internet banking fraud. It seems that whilst on my banks website I was asked to reset my card reader..............

Chances are that were in fact somewhere else !

What took you to this website - an e-mail asking you to "reset" something ?

FF

MrsManda

This is a fraud which I believe has been going on for a while - Nationwide has a warning when you go to log on to your account to tell you that they'll never ask you to do this.
According to the warning it is caused by a trojan virus on your computer which recognises when you try to access your account via a bank website and redirects you. Not sure what you can do with regards to getting your money back, does your bank have a policy on fraud?
If you haven't already, you need to run a anti-virus check (preferrably a different one to the one you are currently using as standard as presumably that has failed to pick it up).

mr_fishbulb

Yeah it sounds like a man-in-the-browser trojan like Zeus.

Very dangerous because it has the ability (as you have seen) to get past multi-factor authentication by faking what the request is actually asking for. Here's how it works -

- You log into your internet banking like normal.
- The trojan kicks in and makes a request (appearing to come from yourself) to the bank to transfer money to the attacker's account.
- Your bank sends back the request for you to use your card reader to authorize the payment.
- Before the request is displayed on your screen, the trojan intercepts the request and changes it from "Do you want to transfer all your money to this bank account? If so type this into your card reader and input the result" to "You need to reset your card reader. Type in this code and then input the result".
- Assuming all you are doing is resetting your card reader, you put the code into the internet banking request which is then sent back to the bank. What has actually happened is you have authorized the payment from your account into the attacker's

Have you spoken to your bank about this?

What AntiVirus protection are you running?

hippey

Which is exactly why I like the Lloyds system, a bit odd but it strangely works.

chainsaw

mr_fishbulb wrote: »

Yeah it sounds like a man-in-the-browser trojan like Zeus.

Very dangerous because it has the ability (as you have seen) to get past multi-factor authentication by faking what the request is actually asking for. Here's how it works -

- You log into your internet banking like normal.
- The trojan kicks in and makes a request (appearing to come from yourself) to the bank to transfer money to the attacker's account.
- Your bank sends back the request for you to use your card reader to authorize the payment.
- Before the request is displayed on your screen, the trojan intercepts the request and changes it from "Do you want to transfer all your money to this bank account? If so type this into your card reader and input the result" to "You need to reset your card reader. Type in this code and then input the result".
- Assuming all you are doing is resetting your card reader, you put the code into the internet banking request which is then sent back to the bank. What has actually happened is you have authorized the payment from your account into the attacker's

Have you spoken to your bank about this?

What AntiVirus protection are you running?

Sounds something like what you said. it was all very slick I think it may have been a pop up but usually I am aware of such things. It asked me to reset my card reader which I was not worried about doing as I was not disclosing my pin number. Didn't think / realise the process I was doing was the same as making a transaction

I thought I was not stupid but may be I am. The lesson learnt so far is don't have any accounts such as savings accounts on line unless you really need them on line. Thats better than any virus preotection. (I was using AVG) Bought a new computer now and Norton and I am removing all my accounts from on line,

Time will tell what happens, talking to the girl at my branch she said she had never heard of anyone suffering an attack on internet banking!

Another general lesson is not to keep too much money in anyone account

chainsaw

The bank did not tell me about the fraud, I couldn't log in for a couple of days so I phoned to find out why and it was only then they told me about the fraud but they said they had managed to stop it. I expressed my surprise that no one had contacted me from the bank as soon as they knew about it! I came off the phoned and then someone else used it when they had finished the bank phoned again to say they had not managed to stop it after all! Strange but I assume a mistake.

I don't expect it to be resolved quickly, a missing cheque took about 6 weeks to find

Rupert_Bear

chainsaw wrote: »

Sounds something like what you said. it was all very slick I think it may have been a pop up but usually I am aware of such things. It asked me to reset my card reader which I was not worried about doing as I was not disclosing my pin number. Didn't think / realise the process I was doing was the same as making a transaction

I thought I was not stupid but may be I am. The lesson learnt so far is don't have any accounts such as savings accounts on line unless you really need them on line. Thats better than any virus preotection. (I was using AVG) Bought a new computer now and Norton and I am removing all my accounts from on line,

Time will tell what happens, talking to the girl at my branch she said she had never heard of anyone suffering an attack on internet banking!

Another general lesson is not to keep too much money in anyone account

I do all my banking online and savings. Unlike you I never reply or touch anything I am not expecting.

chainsaw

Rupert_Bear wrote: »

I do all my banking online and savings. Unlike you I never reply or touch anything I am not expecting.

Thanks for that Rupert you have been a big help. I can imagine myself saying exactly the same thing (but not to someone who had just lost several grand) yet here I am stung. Your turn will no doubt come.

mr_fishbulb

chainsaw wrote: »

I thought I was not stupid but may be I am.

Not at all. These attacks are getting very sophisticated and very profitable. It would catch out most people if they didn't know exactly what to look for.

Hope you get your money back soon.

opinions4u

mr_fishbulb wrote: »

Not at all. These attacks are getting very sophisticated and very profitable. It would catch out most people if they didn't know exactly what to look for.

I worked with another bank manager who clicked the wrong thing at the wrong time. £7k disappeared.