How they hacked me

[superbatman]

Hope most of you guys find this info very useful.
I got engaged on this matter after a social engineering attack. Some guys called my wife and told that they are from the bank and need my banking credentials to update their database. To gain their trust they provided my complete banking details including my card number . Due to the humble behavior and information they provided are correct she told my Atm pin. Later I got a text message that an amount of $9.5k was withdrawn from my account.
The investigation is still going on and authorities said that they traced that roots are from Nigeria. Later I renewed my banking details and installed a premium antivirus solution on my system as per the advice from my bank.

 

[superbatman]

Re: How they haked me

Our computer technician told that he found some Spywares on our desktop PC and there might be a chance that they got my banking details by keylogging my computer using these Spywares.
later he advised me that they can easily loot or perform some kind of identity theft by using this information :1zhelp:. as per current situation, hope we are safe as we renewed all credentials and secured our computer with a premium support Antivirus software.
I had some brokers who accept transfers online without any security for their site. I recommend you guys to avoid dealing with such guys who don't have SSl certificates. If somebody hacks into their unsecured website our credentials will also be at risk and may be manipulated for other kinds of attacks.
I recommend you guys to read this tips while making online transactions https://nci.ca/10-safest-methods-to-shop-online/

 

[pixel]

Hope most of you guys find this info very useful.
I got engaged on this matter after a social engineering attack. Some guys called my wife and told that they are from the bank and need my banking credentials to update their database. To gain their trust they provided my complete banking details including my card number . Due to the humble behavior and information they provided are correct she told my Atm pin. Later I got a text message that an amount of $9.5k was withdrawn from my account.
The investigation is still going on and authorities said that they traced that roots are from Nigeria. Later I renewed my banking details and installed a premium antivirus solution on my system as per the advice from my bank.

If your wife gave them your PIN, no Antivirus software could have prevented that.
Details, such as card number and address, could be syphoned off any merchant transaction. It's the PIN and/or your Login user id and password that the scammers couldn't obtain in any other way. Those two are the items that bank staff will never ever ask off you - neither by phone nor by email or any other open communication.

 

[Tisme]

My fhishing alert hackles are up on this thread.

Personally I wouldn't be opening the OP's link without finding out if it's safe.

"Hope most of you guys find this info very useful" used to be code for "I hope you open you port for my access".

 

[basilio]

My fhishing alert hackles are up on this thread.

Personally I wouldn't be opening the OP's link without finding out if it's safe.

"Hope most of you guys find this info very useful" used to be code for "I hope you open you port for my access".

Hmm.. That would be very sneaky and I can appreciate your concern. It's fair to say that fhishing tactics are becoming more and more sophisticated.

Saying that I did check out the link (carefully...) and it's clean and offers worthwhile information. It is in fact the website of an IT security company.

What did the link say

10 Safest Methods to Shop Online
Comment

Shopping online has become safer than ever. With a provided level of convenience that you can’t get anywhere else, it’s not only a popular way to shop, but it has quickly become the method of choice for a majority of North American consumers over the last decade.

Shop Online

However, even with ever-improving safety features being offered to digital shoppers, it’s still important that you remain cautious when making transactions online! Offering the wrong types of information could become detrimental to your privacy, your safety, and your bank account.

Protecting your credit card and personal information is surprisingly quite easy, and with a little planning can ensure that each purchase is completed without worry. Check out our top 10 tips for safe online shopping below!

Ways to Protect Yourself

Only shop through reputable websites. The company you’re purchasing with should be familiar and well publicized before you decide to buy anything through their online store. If you are shopping through a smaller site, make sure you read customer reviews. Negative experiences are often widely discussed online, so a quick search will give insight into any potential security issues.

Don’t over indulge in personal information. An online store has no use for your social security number and other personal information. An address, email, name, phone number, and credit card number are should be all that’s necessary.

All online businesses should have a SSL (secure sockets layer). Do not purchase anything from a store that doesn’t have one.

Try to use PayPal for online purchases. It offers extra security and makes online shopping even more convenient. If your purchase never arrives, communication ends with the seller, or you run into mostly any other issue that prevents you from getting the goods you paid for, PayPal will cancel the transaction and all funds will be returned to your bank account or credit card.

Keep track of your online shopping habits. Check your bank statements after making purchases to assure that you weren’t charged more than necessary. It’s easy for small charges to go unnoticed when you shop online often, but doing regular checks of your credit card statements will ensure there is no suspicious activity.

Use strong passwords when you sign up with a new online store. The stronger the password, the harder it is for your account with the shop to get hacked. Additionally, use different passwords than you use for your e-mail. If someone happens to hack into the online store’s database, you don’t want them to be able to use that information to log into your e-mail account.

Use apps for your favorite stores. Shopping over your mobile device is said to be safer than shopping through a store’s mobile website.

Make sure you have a secure Wi-Fi connection at home. Making purchases through unsecure Internet service is never wise. Ensure that you avoid buying anything while on a public Wi-Fi signal, and have a strong password implemented for your home Wi-Fi.

Use gift cards to make purchases instead of credit cards. This is the simplest tip, yet is often overlooked. By purchasing gift cards by cash in a store, you’ll be able to complete full purchases online without ever having to give out credit card information. You may even be able to gain perks through your local grocery store for buying gift cards, saving you even more money and making your online shopping more secure.

Avoid free product purchases and deals that seem too good to be true. In most cases, they are too good to be true. Non-reputable sources may even distribute your personal information to third parties, all but ensuring your e-mail inbox will start filling with spam.

The most important tip when shopping online is the simplest: use your logic! If a website has bad reviews, asks for too much personal information, or otherwise seems too good to be true, then continue your search for a trustworthy site to complete your purchase on.

 

[SirRumpole]

As well as the suggestions posted above I would add:

Use an answering machine to take your phone calls. Scammers rarely leave a return number and usually just hang up. Once they know they are speaking to a human they can turn on their persuasive charm and make people believe what they want. Don't give them the chance.

 

[Tisme]

Just use Paypal, if not your credit card. I have even had trips to london booked on my credit cards and the bank has picked each activity as fraud well before I knew about it. I'm pleased to say fraudsters had a surprise waiting for them at the ticketing counter in Melbourne.

 

[Gringotts Bank]

Very handy if you ever have to dl anything. Scans the file with heaps of different AV scanners at once.

https://www.virustotal.com/

I scanned the url provided and it came up clean. Nice.

 

[Smurf1976]

I have a very simple rule when it comes to unsolicited phone calls. I take them on notice only.

Even they said they were the police calling then no worries, I'll come to the station and we can discuss it there. If it's the bank then no problems, I'll come into the branch and we can sort it out. Etc.

That gets rid of most of them real quick.

 

[cynic]

I recently had an interesting one.

I received a text message, including a suspicious link, via my mobile phone, requesting that I update my details immediately to comply with updated terms.

The disturbing thing about this one was that it appeared to have come through on the same number that I receive authentication codes for online transactions with that very same bank.

So naturally, I visited the bank the following monday and showed it to one of their staff. As soon as he saw that the 13 number mentioned in the message belonged to the bank, he incorrectly concluded that the message was legitimate and assured me that I could safely use the link.

Fortunately, I recognised him for the naive moron that he clearly was, and insisted on speaking to somebody willing to investigate the matter more deeply. Upon having another staff member check more thoroughly, it was confirmed that the link was bogus.

No one was able to explain how the message appeared to have come through via the number the bank uses for communicating verification codes to its customers.

 

[Gringotts Bank]

Fortunately, I recognised him for the naive moron that he clearly was

lol

 

[Tisme]

No one was able to explain how the message appeared to have come through via the number the bank uses for communicating verification codes to its customers.

If they can't distinguish a scam from the legit, a very long bow would be expected with an answer to that riddle.

 

[Tisme]

Hmm.. That would be very sneaky and I can appreciate your concern. It's fair to say that fhishing tactics are becoming more and more sophisticated.

Saying that I did check out the link (carefully...) and it's clean and offers worthwhile information. It is in fact the website of an IT security company.

I hope you are right and the page is secured, because payloads sitting behind legitimate facades are the trevail of hackers and the bread and butter of anti virus companies.

I much prefer the honest criminals, like the old Windows haters, who at least tell you via your proxy settings they have hijacked and rerouted your viewing pleasures.

Even the fella who owns facebook has tape over his laptop camera and the inbuilt microphone ... that's how much he trusts his own security measures.

 

[SirRumpole]

Even the fella who owns facebook has tape over his laptop camera and the inbuilt microphone ... that's how much he trusts his own security measures.

Good to see I'm not the only paranoid.

 

[minwa]

It's the PIN and/or your Login user id and password that the scammers couldn't obtain in any other way. Those two are the items that bank staff will never ever ask off you - neither by phone nor by email or any other open communication.

Not quite true..I remember calling ANZ and they asked for my 4 digit PIN over the phone, to say it not key into the dialpad.

 

[pixel]

Not quite true..I remember calling ANZ and they asked for my 4 digit PIN over the phone, to say it not key into the dialpad.

That would be your phone banking PIN.
That's different insofar as it's not smeone, pretending to be from ANZ, calls you, but you phoning them and working your way through a menu of "Press x for y" options.

 

[superbatman]

As well as the suggestions posted above I would add:

Use an answering machine to take your phone calls. Scammers rarely leave a return number and usually just hang up. Once they know they are speaking to a human they can turn on their persuasive charm and make people believe what they want. Don't give them the chance.

This is a great idea, need to try this trick

 

[superbatman]

My fhishing alert hackles are up on this thread.

Personally I wouldn't be opening the OP's link without finding out if it's safe.

"Hope most of you guys find this info very useful" used to be code for "I hope you open you port for my access".

I don't know why you guys suspect me.. I am not that Fu*&^ hacker..

 

[superbatman]

If they can't distinguish a scam from the legit, a very long bow would be expected with an answer to that riddle.

Most of them are using Spoofed mobile numbers. One officer told me that they already investigated such a crime.

 

[Tisme]

I don't know why you guys suspect me.. I am not that Fu*&^ hacker..

Yeah already ran the site through the blacklists, for defacing, for injected spam and malware...... but one can never be too careful.

If you had linked say pornhub.com then that would have been different, never any risk of infection from those sites LOL