Bank Fraud (Update)

Ricky116

Hi, I was just wondering if anyone here has any experience or advice regarding bank fraud.

Yesterday I checked my online banking (I'm with Northern Bank) and ensured that I had correctly recieved my student loan. A few hours later at an ATM, I found that my balance was ~£7 and I returned home to find a large ebanking transaction had been authorised to a name and account I did not recognise. I immediately blocked my online banking service. The transaction and subsequent discovery/blocking happened within only a few hours.
After calling them this morning at 9am, I was told that he had never seen an ebanking case like this and that his experience was only of ATM fraud (which was worryingly "strange").

Does anyone know how the e-safekey system could be bypassed? The thief could not possibly have used my PC which holds the only e-safekey file that I have. Not only this, but he knew my password as well.

I am assuming I have some sort of keylogger on my PC (which is worrying me no end, AVG isn't finding much), but would it be possible for a criminal to find and upload my e-safekey from my PC without my knowledge?

Any kind of thoughts or experiences are welcome, as to be honest I am very worried. Thanks in advance!

Richard

Update:
Thought I'd update this for anyone going through the same thing.
After talking to my branch on Monday I was called on Thursday morning and told that the money would be back into my account later that day. The lady said that all she knew was that the money had been taken out of the other guy's account and transferred back to Northern Bank - it did seem like her manager was the man that sorted it all out.
I was told they would send me out an diagnostic CD to see how the transaction took place and possibly help them in the future. I find it quite reassuring that they are going to the effort to combat the fraudsters.

Anyway, money is back in my account. Lost of Friday night and returned on Thursday morning. Super service by Northern Bank in my opinion, and thankfully they didn't seem to be suspicious of me which I had feared.

Richard

pmduk

I no longer trust AVG after getting a virus whilst using it. Try a Malwarebytes anti-malware scan, which can be run in addition to an anti-virus programme

Azrael_1701

Ricky116 wrote: »

Hi, I was just wondering if anyone here has any experience or advice regarding bank fraud.

Yesterday I checked my online banking (I'm with Northern Bank) and ensured that I had correctly recieved my student loan. A few hours later at an ATM, I found that my balance was ~£7 and I returned home to find a large ebanking transaction had been authorised to a name and account I did not recognise. I immediately blocked my online banking service. The transaction and subsequent discovery/blocking happened within only a few hours.
After calling them this morning at 9am, I was told that he had never seen an ebanking case like this and that his experience was only of ATM fraud (which was worryingly "strange").

Does anyone know how the e-safekey system could be bypassed? The thief could not possibly have used my PC which holds the only e-safekey file that I have. Not only this, but he knew my password as well.

I am assuming I have some sort of keylogger on my PC

Very possible

(which is worrying me no end, AVG isn't finding much)

AVG isnt the greatest (especially the free version)

but would it be possible for a criminal to find and upload my e-safekey from my PC without my knowledge?

Depending on how you use your PC, it could be anywhere from extremely easy, to moderately hard.

Any kind of thoughts or experiences are welcome, as to be honest I am very worried. Thanks in advance!

First thing to look at is what you use for your password, it is a really bad idea to use a very simple word, for example !!!!!!!". Many sites require a number, but something like !!!!!!!1" is almost as insecure with the number as it is without. What you want to do is create a little sentence such as "ILikeBananas" and then add in numbers and special charaters such as, "!Lik3B4nana5".

Richard

and i need 10 characters outside the quote....

Olipro

it is very probable that you have a rootkit resident in your MBR.

you can boot your OS install CD and use the recovery console to replace the MBR, but it might just restore itself at next boot; personally, I'd overwrite the MBR manually then do a complete reinstall straight away/

SimIsOnTheUp

Olipro wrote: »

it is very probable that you have a rootkit resident in your MBR.

you can boot your OS install CD and use the recovery console to replace the MBR, but it might just restore itself at next boot; personally, I'd overwrite the MBR manually then do a complete reinstall straight away/

/GeekSpeak

I doubt very many people understood any of that! :rotfl:

Ricky116 -

Good Luck with getting this sorted out.

Olipro

SimIsOnTheUp wrote: »

/GeekSpeak

I doubt very many people understood any of that! :rotfl:

Ricky116 -

Good Luck with getting this sorted out.

this is the internet, I'm sure you're not too stupid to use Google if you don't understand the terminology I use.

Savvybunny2009

Wow, that is awful, I really feel for you.

I would agree there is probably a trojan and a logger on your computer where the criminal has had access to all your information. Unless you have wireless broadband and the password was something really easy to crack, then they would be able to see your screen and details.

Either way I would suggest for ebanking switching over to somewhere like barclays that has pinsentry. The fraudster would have to have your card and pin, to be able to request a unique login code through the cardreader to access your internet banking.

Will they be refunding the money, I'm not sure banks can do that can they? Debit cards and credit cards have fraud protection but do bank accounts?

rb10

Savvybunny2009 wrote: »

Either way I would suggest for ebanking switching over to somewhere like barclays that has pinsentry. The fraudster would have to have your card and pin, to be able to request a unique login code through the cardreader to access your internet banking.

Not worth it. Just make sure you have the account that best suits your needs. All the banks have fairly decent internet banking security.

Will they be refunding the money, I'm not sure banks can do that can they? Debit cards and credit cards have fraud protection but do bank accounts?

I'd expect so! I know someone who had fraud on their Halifax account (£3k transferred to a Natwest account online) - they had responded to a phishing email. Two days after reporting it to Halifax, they refunded the money in full.

Ricky116

rb10 wrote: »

I'd expect so! I know someone who had fraud on their Halifax account (£3k transferred to a Natwest account online) - they had responded to a phishing email. Two days after reporting it to Halifax, they refunded the money in full.

Thanks for the re-assurance. It's the weekend so I'm not able to get the ball rolling fully yet (probably no coincedence). For the minute I have a good friend to sort me out living costs wise, but I'm finding it hard to be optimistic on the timescale... 2 days would be fantastic!

Olipro wrote:

it is very probable that you have a rootkit resident in your MBR.

you can boot your OS install CD and use the recovery console to replace the MBR, but it might just restore itself at next boot; personally, I'd overwrite the MBR manually then do a complete reinstall straight away/

I need my PC at the minute, but as soon as this mess is sorted I will be deleting everything on my hard drive comprehensively using something like DBAN, installing windows 7 and securing it with avg and zone alarm (and other anti-malware software). If I need to access anything important in the mean time I will be using the university computers.

I will be requiring a student account in England (Northern Bank is a Northern Irish bank, which means should I lose the card I have no access) so I'll be switching main accounts soon anyway.

Thanks to everyone for their input!

elfen

Don't use AVG, I'd reccomend something else like the free version of Avast, it's a lot better and it isn't bloatware, so runs pretty quick. Installed it on a friend's machine the other night and he says its a lot faster now with it

Ricky116

Updated. Thanks!