PC been hacked how do I protect my bank accounts ?

Aminatidi

NithyaH said:

I also find this all a bit hard to believe.  You often read about people being “hacked” when it’s nothing of the sort.  The more likely explanation is that this person uses the same username and password for multiple sites and someone has got access to them via a credential leak.  If it was a file that they ran then what website were they on, why would they ignore the warnings that any modern system would throw up, etc.?  It’s not credible unless there was also some element of social engineering too.

It's easy to assume that people are computer literate and actually know what they've clicked on and can remember exactly what happened.

Most likely the account on here is best endeavours trying to recount what happened having been through a pretty stressful experience.

Not to be funny but (and this isn't aimed at you) it seems a bit odd to be doubting the OP because Windows Smartscreen should have popped up or whatever the hell people think should have happened.

sparkiemalarkie

Hi thanks for the comments - I haven't read many of them ....
I thought I would briefly outline how this happened.

My son has had a youtube channel for many years and it has recently taken off- sky rocketed. He was approached by a number of companies offering sponsorship ie $xx.xx to run a 20 sec add at the start of 3-5 of videos.

Naturally he was interested. He chose the best fit - corresponded back and forth over a few days and agreed to sign the contract.
When he clicked on the contract the whole youtube and gmail accounts were hijacked. In less than 10 seconds all the log in details had been changed and he could not find a way to get back control of his account.
He had nearly $7,000 in his adsense account ready to pay out.

For me, I panicked...not knowing how much information could be stolen especially from the emails. His bank details were on the adsense account etc,etc. He could not find his gmail recovery codes.

This video pretty much outlines what happened from about 7:19 onwards
Exposing Sponsorship Scams: How to Avoid Being Scammed on YouTube
My sons content was removed from his channel and a 'live stream' about bitcoin video put on. (We found about 12 identical live streams running at the same time across youtube)

Youtube reacted quickly. In less than 36hrs he had regained control of his gmail and youtube channel.
The PC was wiped with a clean install of windows. All passwords were changed, adsense bank details changed, all bank log ins changed.

It's awful to feel so violated

sx

Prism

km1500 said:

running an arbitrary exe on your system would cause user account control to kick in and I can't believe someone would just arbitrarily say yes please run this 

changing your Google password when you are logged in does not require 2fa as you say but it certainly requires you to enter your old password first so an exe could not do that 

I am not 100% the full story is being told here

An example would be rather than running the application directly, an attacker would add it to the task scheduler and then get it to run almost immediately plus at every reboot. An application running as a task does not trigger UAC.

In general, once the download has been run then all of the next parts are human operated. At that point assume that an attacker has full access to the system, knows how to avoid being detected and can quickly find any saved passwords stored on the system.

Prism

NithyaH said:

I also find this all a bit hard to believe.  You often read about people being “hacked” when it’s nothing of the sort.  The more likely explanation is that this person uses the same username and password for multiple sites and someone has got access to them via a credential leak.  If it was a file that they ran then what website were they on, why would they ignore the warnings that any modern system would throw up, etc.?  It’s not credible unless there was also some element of social engineering too.

A good attacker can compromise an entire work network, steal data and install ransomware within 2 hours from that initial click on a phishing link. Stealing data from a single machine can take minutes.

masonic

sparkiemalarkie said:

Hi thanks for the comments - I haven't read many of them ....
I thought I would briefly outline how this happened.

My son has had a youtube channel for many years and it has recently taken off- sky rocketed. He was approached by a number of companies offering sponsorship ie $xx.xx to run a 20 sec add at the start of 3-5 of videos.

Naturally he was interested. He chose the best fit - corresponded back and forth over a few days and agreed to sign the contract.
When he clicked on the contract the whole youtube and gmail accounts were hijacked. In less than 10 seconds all the log in details had been changed and he could not find a way to get back control of his account.
He had nearly $7,000 in his adsense account ready to pay out.

For me, I panicked...not knowing how much information could be stolen especially from the emails. His bank details were on the adsense account etc,etc. He could not find his gmail recovery codes.

This video pretty much outlines what happened from about 7:19 onwards
Exposing Sponsorship Scams: How to Avoid Being Scammed on YouTube
My sons content was removed from his channel and a 'live stream' about bitcoin video put on. (We found about 12 identical live streams running at the same time across youtube)

Youtube reacted quickly. In less than 36hrs he had regained control of his gmail and youtube channel.
The PC was wiped with a clean install of windows. All passwords were changed, adsense bank details changed, all bank log ins changed.

It's awful to feel so violated

sx

Thanks for coming back to share more details. Goes to show there are some sophisticated scams out there and while they are usually targeted at high profile accounts, there are usually lessons in there for all of us.

Glad he was able to regain control of everything.

Sg28

sparkiemalarkie said:

Hi thanks for the comments - I haven't read many of them ....
I thought I would briefly outline how this happened.

My son has had a youtube channel for many years and it has recently taken off- sky rocketed. He was approached by a number of companies offering sponsorship ie $xx.xx to run a 20 sec add at the start of 3-5 of videos.

Naturally he was interested. He chose the best fit - corresponded back and forth over a few days and agreed to sign the contract.
When he clicked on the contract the whole youtube and gmail accounts were hijacked. In less than 10 seconds all the log in details had been changed and he could not find a way to get back control of his account.
He had nearly $7,000 in his adsense account ready to pay out.

For me, I panicked...not knowing how much information could be stolen especially from the emails. His bank details were on the adsense account etc,etc. He could not find his gmail recovery codes.

This video pretty much outlines what happened from about 7:19 onwards
Exposing Sponsorship Scams: How to Avoid Being Scammed on YouTube
My sons content was removed from his channel and a 'live stream' about bitcoin video put on. (We found about 12 identical live streams running at the same time across youtube)

Youtube reacted quickly. In less than 36hrs he had regained control of his gmail and youtube channel.
The PC was wiped with a clean install of windows. All passwords were changed, adsense bank details changed, all bank log ins changed.

It's awful to feel so violated

sx

A good outcome at least.

Well done to your son for his yt channel success. 

I expect these hackers target accounts like your sons which have recently become successful but dont yet have the experience or knowhow on how to spot these scams.