We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Internet banking security
Comments
-
No, it's accurate based on my experience working in this arena.JustPassingBy wrote: »DNSSEC goes a long way to mitigating the problem so to characterise DNS spoofing as 'common' is alarmist.
Remind me, how widespread is the use of DNSsec? How many competing standards are there?
If an attacker has changed your DNS setting, do you think they may not have *thought* of dealing with DNSsec (when it FINALLY becomes something they even need to deal with)?
Naturally you would know that the first part of the name resolution process will start in the hosts file anyway, before it even makes a call across the netowrk for DNS(sec) anyway. Job done.JustPassingBy wrote: »Also, a login to a banking site will involve an https link and its associated, checkable certificate. Yes, all things may be capable of being circumvented but a direct link (or a bookmark) is the best you are going to get if you want to manage your finances over the net.
The way you enter the site name is largely academic. The final destination will still be under the control of the miscreant. I do agree, however, that you would *never* click on a link in an email and expect it to be kosher.
As for SSL/TLS; it's also easy to defeat using a number of well known methods ranging from SSLStrip, renegotiation attacks, weak ciphers and even obtaining a cheap certificate from someone like 'godaddy' for a subdomain of 'bank.com' using a pay-as-you-go credit card. This is all trivial stuff - and pretty much well documented.
What you really need to get a grip on is this; you are dealing with miscreants ranging from 'keen amateur' through to 'professional criminal' with extensive system(s) knowledge. Part of their 'magic' relies on half (or mis) informed computer users who have a false sense of security - they make the best victims.
I don't want to fight with you dude - it's like the kid says in the six sense 'they don't know they are dead, they only see what they want to see'.0 -
toastydave wrote: »Ok, so on Vista you can do this;
Go Start menu ==> Control Panels ==> Network and Sharing Center
Click Manage Network connection from the menu on the left hand side.
Right Click on the network adaptor you use to connect to the internet and choose properties
Click once on Internet Protocol Version 4 then click properties
Click the USE following DNS Server address
Enter
Primary - 208.67.222.222
Secondary - 208.67.220.220
Then Click Advanced
Then Click the WINS tab
Then uncheck Enable LMHOSTS lookup
Then ok all boxes as you close
Thanks, I tryed that and I still get the redirecting.0 -
ChiefGrasscutter wrote: »Now I also wonder how the scammer did the original fraud.
Assuming they got access to the account via the compromised PC which gave them the passwords and memorable info.......
Even so, you cannot authorise a payment to a "new recipient" without going through the lloyds automated telephone authorisation system to approve it being added to your payees list....and no, the scammers can't change the registered telephone numbers on the lloyds system to the scammers own ones and immediately authorise the "illegal" payment: lloyds block that one!
The lloyds system also confirms all new payments set up by text message to your mobile.
So I wonder how the scammers set up a new payment?
What version of "Norton" is the OP running (is it for example Norton internet security 2011 or something much older like Norton anti-virus 2005)?
you say you "ran a scan" did you ask for a quick or full scan?
Modern versions of norton will be doing daily scans both quick and full as appropiate in the background anyway.
I cant speak for the original poster but I am with the Halifax.
The scammers got into my ISA transfered it to my Currant account set up a quick payment and took 3 x £450 withdrawals. I dont know why they did 3 x £450, maybe to keep it under the radar? but what I cant understand why no alert from Halifax especially as all withdrawalls were within 2 minuits.
I have done loads of scans both with McAfee and Malwarebytes in safe and normal mode. They havnt picked up a virus in the last few scans0 -
Could be a proxy redirect;
Open internet explorer
then Click on the tools menu and then internet options
Click on the connections tab
Click on LAN settings
Check the the use proxy box is uncheckedTo alcohol! The cause of... and solution to... all of life's problems!:beer:0 -
a direct link (or a bookmark) is the best you are going to get if you want to manage your finances over the net.
Not so, you could find the ip address of the site you wanted and save that as a bookmark in numeric form, this would then be immune to DNS spoofing.
Remember that any form of named address Bookmarked, linked or typed can be spoofed
You could just download raport, to secure your connectionTo alcohol! The cause of... and solution to... all of life's problems!:beer:0 -
They are unchecked.0
-
Remind me, how widespread is the use of DNSsec? How many competing standards are there?
100% here. Which is all that matters.
There is only a single entry for localhost.Naturally you would know that the first part of the name resolution process will start in the hosts file anyway, before it even makes a call across the netowrk for DNS(sec) anyway. Job done.0 -
Malwarebytes' Anti-Malware 1.50.1.1100
Database version: 5964
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019
05/03/2011 16:05:36
mbam-log-2011-03-05 (16-05-36).txt
Scan type: Quick scan
Objects scanned: 179833
Time elapsed: 9 minute(s), 32 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\Daz\local settings\temporary internet files\Content.IE5\WL250ES0\calc[1].exe (Trojan.FakeMS) -> Quarantined and deleted successfully.Just done another scan0 -
Dont want to speak too soon BUT since last scan & reeboot IE is opening without the search enjine. Google looks to be functioning OK0
-
Everything seems ok apart from this when my wife logs in.
2 diolog boxes with X in the corner and OK button at bottom.
Error loading C:users\Pam\appdata\local\igXAPE.dll
&
Error loading C:users\Pam\appdata\local\onobudaxubigaxel.dll
I hvnt clicked OK just shut em down but they apear evey time she logs in.
Am I been over paranoid?0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.2K Banking & Borrowing
- 253.6K Reduce Debt & Boost Income
- 454.3K Spending & Discounts
- 245.3K Work, Benefits & Business
- 601K Mortgages, Homes & Bills
- 177.5K Life & Family
- 259.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards