Bitcoin account compromised. Bank refuse to refund.

woofdonkey

If the bank is saying that the transaction came from your home network, the most obvious question is who else has access to your network and what devices you have that may be compromised. The user agent (Windows PC in this case) could be spoofed fairly easily via a browser, so I dont think that holds much weight. But on the other hand, you haven't said what kind of anti malware software you run.

The second question is the use of 2FA via SMS. Yes, it can be spoofed but the more likely explanation would appear to be that someone in your home has access to your phone as well as your wifi.

Third question - where is the bitcoin now? You should be able to see the address it was sent to. Have you used a blockchain explorer to find out how many transactions are going in and out of that wallet? More useful clues.

Tl;dr. Without any info on who you live with, what devices they have, who has your phone passcode etc, I'm not sure what you think people here will do to help.

masonic

!!! wrote: »

How about not starting stupid forum posts?

How do they know it was from a Windows PC?
What made them come to that result?

Presumably the User-Agent header, which of course can be spoofed.

AnotherJoe

Forget the IP stuff, who knows your banking details?
You've evaded questions asking you who else has access to your computer. You've also not responded when asked if you've got malware on your PC though if you did, then a mere £650, unless that cleaned out your bank account, would seem to indicate it wasn't that.
Most likely explanation by far, soemone in your household is a thief and has got your bank account details.

Second but not very likely, you've got malware on your computer. But extremely unlikely because it woudl appear to have come from your normal device in that case.

Least likely by a very very long way, ultra sophisticated hackers have managed to crack your bank account and spoof your IP all to steal £650.

masonic

AnotherJoe wrote: »

Second but not very likely, you've got malware on your computer. But extremely unlikely because it woudl appear to have come from your normal device in that case.

The second explanation is even less likely when you consider they would have had to compromise the OP's computer AND phone to complete the transaction.

AnotherJoe

masonic wrote: »

The second explanation is even less likely when you consider they would have had to compromise the OP's computer AND phone to complete the transaction.

Is the phone needed to complete the tansaction?

AndyPix

I do this stuff for a living (IT security). All the stuff mentioned here is technically possible except the part about diverting SMS messages - that one isnt.


OK, perhaps cracking the actual infrastructure would do it but that isnt going to happen aside from state level espionage stuff.


This whole thread just doesnt read right.. There are ONLY 2 possible conclusions here ..


1. The OP has been ripped off in some way - possibly trying to buy something dodgy online and had his fingers burnt - now wants the bank to refund him and is coming on here looking for ideas.


2. Someone the OP lives with has shoulder surfed his creds out of him and done a quick transfer whilst he was out of the room and not with his phone.


Yes, I theoretically could have parked outside your house with my pringle tin "can-tenna" and cracked your wifi network .. I could have even then poisened the ARP table and started to spoof your router , stripped the SSL out of your traffic and looked at all your key presses - or even altered your hosts file and then spoofed the bank page .. There are loads of possibilities ..


But .. What i couldnt have done, is received that 2fa SMS


Unless i had previously called the bank and persuaded them to change my mobile number on file

.. But the OP makes no mention that this has happened ..


So my money is on 1

masonic

AnotherJoe wrote: »

Is the phone needed to complete the tansaction?

Yes, Coinbase sends a code by SMS to confirm a transfer of cryptocurrency.

Michael23

Coinbase has since emailed me to tell me my account was indeed compromised, i'm guessing my computer and/ or my phone were compromised without me knowing, i'd like to think family or people coming over wouldn't try to scam me but i have nether the less contacted the online cyber and fraud centre.

Flobberchops

OK. Are Coinbase going to refund you?

unforeseen

Ethernet packets contain the MAC address of the originating device