Internet security.........

Submitted: Tuesday, Jun 27, 2006 at 19:04
ThreadID: 35338 Views:5877 Replies:19 FollowUps:33
This Thread has been Archived
I just had a call from Westpac and somebody has moved $5,000 from my bank account into an another one. The lady said not to worry as it will return but I can't use online banking for 3 days.
I have telstra bigpond anti virus and I have Norton works up to date. I have anti spam and anti everything but see what happens.
She said the safest way is to keep changing your password. I have never changed mine for years but will from now on.
So when did you change your password last???

Reiner
Back Expand Un-Read 0 Moderator

Reply By: Terryfirma - Tuesday, Jun 27, 2006 at 19:10

Tuesday, Jun 27, 2006 at 19:10
Reiner,

Just changed mine about five minutes ago

Thanks for the advice

Regards

Terry
AnswerID: 180675

Reply By: Member - Andrew W (SA) - Tuesday, Jun 27, 2006 at 19:14

Tuesday, Jun 27, 2006 at 19:14
important questions:

1. was it an Internet banking transfer from your Internet banking login, or was it a direct debit payment? Did "the lady" say?

2. If it was the latter, did you give authority to someone to have your account debited? Make sure it is cancelled if used incorrectly.

3. If it was an Internet banking transfer, have you been phished - ie. were you sent an email purporting to be from your bank which logged you on to some other site (usually you don't realise) that looks exactly like your bank's Internet banking site, but proceeds to collect your account information you willingly enter - usually then redirecting you to your bank and making it look as though you just typed the wrong info in ... think hard. Did it happen to you?

They may even have got other ID information from you which identifies you to the bank, and allows them to masquerade as you and change your password etc.

Also, you need to double check that it really was Westpac calling you ... do they have your account information? Can they verify they are really from Westpac? Can you call them back? It could be the purpertrators making sure you don't notify the bank for three days ...

CHANGING YOUR PASSWORD ALONE IS NO PROTECTION

For future reference, never follow links in emails sent to you purporting to be from Westpac or any other bank if this is the cause.

Somebody seeing your password is unlikely - perhaps possible if you are a frequent user of Internet cafes.

Ciao for now
Andrew who suspects you are still being had.
AnswerID: 180676

Follow Up By: Member - Reiner G (QLD) 4124 - Tuesday, Jun 27, 2006 at 19:51

Tuesday, Jun 27, 2006 at 19:51
The lady didn't ask any details and warned me to give any information to anybody. She gave me a number to call her back anytime I feel like it.
The money was transfered online from one account to the other. I'm pretty confident I get my money back and I use online banking for 8 years now never had a problem. But I will change my password more frequently.
I will lower my limit of transfers too back to $1000 so that is all you could lose.
Westpac have changed a few month ago where you get a keyboard on the screen which you type on with your mouse. The lady said that stops lurkers following your keystrokes. I'm sure Westpac will refund the money even if not recovered, they can't realy aford customers getting worried about security online.
Lets see what happens.

Reiner
0
FollowupID: 436936

Follow Up By: Member - Andrew W (SA) - Tuesday, Jun 27, 2006 at 20:03

Tuesday, Jun 27, 2006 at 20:03
well Reiner, it still looks to me like that lady was not from Westpac at all.

The lady may well be the phisher just putting you at ease when you should be mightily worried.

See this link: Site Link

and this link: Site Link

telling you how the phishers do their dirty deeds.

I would strongly recommend calling Westpac now on 1300 655 505 and double checking.

One little check will put my mind at ease, even if you are comfortable.

The Westpac security guarantee has quite significant cavets ... Site Link which you might have broken by entering your Internet Banking security details in some other phishing site. In particular:

"An Account Holder may be liable for operations on the account where correct access codes have been used."

If your phishing mates have access to your access codes you may be buggered.

Ciao for now
Andrew
(you will see my name from a past life listed on this Visa press release - I do know what I am talking about on this subject: Site Link )
0
FollowupID: 436939

Follow Up By: Member - Beatit (QLD) - Wednesday, Jun 28, 2006 at 08:27

Wednesday, Jun 28, 2006 at 08:27
G'day Andrew and Reiner,

Good advice, it certainly doesn't hurt to check these things. I left banking about 10 years ago so things have changed a lot (like more fees) but I don't recall the level of sofistication that would allow the bank to pick up on a suspect transaction like $5,000 and ring their client to tell them that they have been done. Happy to be wrong though, but if it were me I'd check the bona fide of the caller.

Kind regards

Theo
0
FollowupID: 437043

Follow Up By: Member - Andrew W (SA) - Wednesday, Jun 28, 2006 at 09:00

Wednesday, Jun 28, 2006 at 09:00
Beatit,

It is possible for the bank to call - tho' unlikely.

They could became aware of a scammer because somebody notified them. They would know the account number the scammer had set up to transfer money to - they would look at all transfers to that account and put 1 and 1 together (for once). They would know which accounts the transfers came from.

The scammer MO may be, for instance, might be to:

1. collect a whole lot of Westpac access IDs using a phishing scam

2. log into those Internet Banking accounts, check out the user details, get their phone numbers and names and make a list

3. transfer large amounts (typically maximum amounts for Internet Banking) to an account or accounts set up for the purpose

4. delete those account details from the Internet Banking

5. Lock the account by wrong password access (easy to do)

6. Call the account holders and tell them they have been scammed, but not to worry - they will get refunded, however their accounts will be locked for 3 days

7. withdraw the cash from the account have the cash sent with Western Union or such, overseas

8. close the account

A common variation at the moment, is to recruit people into their scam unknowingly. These people are cash couriers. They provide their account details to the scammer. Money gets transfered to their account by unsuspecting scammed eBay buyers or by the phishing scammer using stolen ID. They are asked to take the money out of their accounts and transfer it by Western Union to [insert your favourite country like Russia, Hong Kong, Malaysia ...] and it is never seen again ...

The eBay buyer never gets the goods.

Everyone gets burned in one way or another.

The scamming is too far removed to be able to trace it ...

I hope this helps
Andrew who can't say loudly enough that Reiner needs to check the bona fides ... oh well.
0
FollowupID: 437052

Follow Up By: Member - Reiner G (QLD) 4124 - Wednesday, Jun 28, 2006 at 09:06

Wednesday, Jun 28, 2006 at 09:06
I just did that 10 min ago. I rang Westpac on the number the lady gave me. 1300364294 and spoke to her again just to make sure its all good.
I will keep you informed on what happens next. I'm not real worried and I'm sure I get my money back.

cheers and thanks
Reiner
0
FollowupID: 437055

Follow Up By: JJ - Wednesday, Jun 28, 2006 at 17:37

Wednesday, Jun 28, 2006 at 17:37
Don't know if I've slotted this in the right place...but that's beside the point!
However, I don't really get this post.
How would the bank know it wasn't you (RG) that transferred $5,000 to another account?
And how come this lady didn't ask any details? And as already mentioned, how come the same person spoke to you again today (a long shift)?
There's lot's of little things that don't smell right.

I had to call my bank today to stop payment on a transaction and each person I spoke to (3 in the duration of the call) I had to give a list of ID including my kids grandmothers maiden name! On asking if the transaction had already taken place, they wouldn't tell me; I had to tell them who it was to & for how much before they could confirm it.
Of course, all banks have different tactics, but...what a worry!
For your sake RG, I hope it all works out for you!
0
FollowupID: 437145

Reply By: Member - Marquis - Tuesday, Jun 27, 2006 at 19:20

Tuesday, Jun 27, 2006 at 19:20
I do not trust Norton.

Just out of interest, download lavasoft adaware and do a scan of your system:
http://www.lavasoft.com/support/download/

Other banks (ie St George? HSBC etc) have a keyring device which gives you a new pass code each time you login and make a external transaction.
AnswerID: 180678

Follow Up By: Member - Reiner G (QLD) 4124 - Tuesday, Jun 27, 2006 at 19:53

Tuesday, Jun 27, 2006 at 19:53
I do trust Norton.......has saved my but for many years now.
But I have to admit those passcode keythings are smart, my wife has got one for her work e-mail and it works like a charme. That might be the way to go.

Reiner
0
FollowupID: 436938

Follow Up By: howie - Tuesday, Jun 27, 2006 at 20:04

Tuesday, Jun 27, 2006 at 20:04
reiner g ,
adaware is not exactly an anti-virus program and is highly recommended as a
good addition to virus stuff. run it and see how much crap is hiding in your pc
0
FollowupID: 436940

Follow Up By: Member - Marquis - Wednesday, Jun 28, 2006 at 08:04

Wednesday, Jun 28, 2006 at 08:04
Bloke at work had Norton (up-to-date etc), I installed adaware and it found 4 spyware programs and 2 adware programs (I only installed adaware because of the adware)
0
FollowupID: 437040

Follow Up By: disco1942 - Wednesday, Jun 28, 2006 at 14:35

Wednesday, Jun 28, 2006 at 14:35
Norton - or any anti-virus for that matter - does not check for spyware or adware programmes. You need both Ad-aware and Spybot in addition to your anti-virus.

PeterD
PeterD
Retired radio and electronics technician

Lifetime Member
My Profile  Send Message

0
FollowupID: 437115

Reply By: Exploder - Tuesday, Jun 27, 2006 at 19:20

Tuesday, Jun 27, 2006 at 19:20
I just don’t use Internet Banking ,If I can help it, Have used it 2 twice in 2 ½ years , don’t trust it don’t like it, for any major stuff I just go to the bank.

At least if you get mugged at a ATM you only loose a few 100 at the most, and if it’s some little D**k head trying to rob you, well a broken jaw and a few missing teeth might make him think twice about his chosen Profession.
AnswerID: 180679

Reply By: Member Boroma 604 - Tuesday, Jun 27, 2006 at 19:50

Tuesday, Jun 27, 2006 at 19:50
Gooday,
Have to agree with marqis, Norton ranks at the very bottom for me, have had no end of trouble with it 1/12 years ago, download AVG free version from the net & bin Norton.
Cheers Boroma 604.
AnswerID: 180683

Reply By: angler - Tuesday, Jun 27, 2006 at 20:06

Tuesday, Jun 27, 2006 at 20:06
I also hate nortons, I charge extra to fix computers if nortons is loaded.
I use National bank and thay have a system that sends an SMS to your mobile every time a transaction of dollars out of an account is requested. At least then you know straight away that some is trying to rip you off.

I suggest you change P/W at least every month.

Pooley
AnswerID: 180687

Reply By: Mike Harding - Tuesday, Jun 27, 2006 at 20:08

Tuesday, Jun 27, 2006 at 20:08
The word on the street is; don't touch internet banking with a barge pole.
AnswerID: 180689

Follow Up By: Truckster (Vic) - Tuesday, Jun 27, 2006 at 20:14

Tuesday, Jun 27, 2006 at 20:14
Starting to agree with you, but honestly - in 5-10 yrs you honestly think there will be any over the counter banks left?
0
FollowupID: 436944

Follow Up By: Muzzgit (WA) - Tuesday, Jun 27, 2006 at 23:42

Tuesday, Jun 27, 2006 at 23:42
I have done evrything on internet for more than 8 years now.

That includes paying ALL bills online, as well as transfers between my own accounts and transfers to other people. Have not had a problem. EVER....
0
FollowupID: 437019

Reply By: Feral - Tuesday, Jun 27, 2006 at 20:09

Tuesday, Jun 27, 2006 at 20:09
Internet banking is fantastic. I use the same bank and have never had a problem yet. All you need to do is monitor it every day and report immeadiately any 'foreign'
looking transactions that you are unable to account for. If you notify them of the discrepancy they will investigate and give you the outcome.

With the virus protection....Nortons is the biggest load of junk I have ever used. They can sue me if they like but it just cause heaps of problems. I have now switched to AVG free edition and have not had a computer meltdown since.

Cheers.
AnswerID: 180691

Follow Up By: Mike Harding - Tuesday, Jun 27, 2006 at 20:16

Tuesday, Jun 27, 2006 at 20:16
>Internet banking is fantastic. I use the same bank and have never had a problem yet.

When you do... will it not be quite so fantastic?

Mike Harding
0
FollowupID: 436946

Follow Up By: SteveL - Tuesday, Jun 27, 2006 at 20:18

Tuesday, Jun 27, 2006 at 20:18
I know a lot of people in the IT industry and they mostly use AVG and won't have anything to do with Norton.-Steve
0
FollowupID: 436947

Follow Up By: Member - Pedro the One (QLD) - Tuesday, Jun 27, 2006 at 23:21

Tuesday, Jun 27, 2006 at 23:21
Holey Moley ........... now I'm worried, too !!!!!

I frequently use net banking and whilst no problems so far, Cautious is my middle name.
I change my password regularly every 4 - 5 years, but am now revising this strategy !
And I also have Norton AV ..............

thusly I ask : can Norton and AVG be utilised concurrently or are they mutually exclusive ??

0
FollowupID: 437013

Follow Up By: Motherhen - Tuesday, Jun 27, 2006 at 23:50

Tuesday, Jun 27, 2006 at 23:50
Like Feral, i have never had a loss and use Internet banking with a number of banks and similar regularly. I know keystroke recording programs are possible (i do not like doing banking on a public computer, but had to trust Telecentres and Access Centres when travelling). I have also heard of cases of people losing money while logged in. I keep the daily limit as low as possible, even if it means paying big bills over three days. If BPay is available, it has a much much higher daily limit. If you have a loss due to Internet banking, scream loud and long at your bank for full restitution. They are setting up their websites, and pushing us into Internet banking. Security and theft is their problem, not ours.

I agree also on Norton and use AVG free. It has also picked up new viri before Norton has.
Motherhen

Red desert dreaming

Lifetime Member
My Profile  My Blog  Send Message

0
FollowupID: 437020

Follow Up By: Member - Marquis - Wednesday, Jun 28, 2006 at 16:44

Wednesday, Jun 28, 2006 at 16:44
DO NOT USE PUBLIC COMPUTERS TO ACCESS INTERNET BANKING!!!

Your asking for problems.

Better off using dialup at a motel, small newsagency, or similar place with your own notebook...
0
FollowupID: 437142

Follow Up By: Motherhen - Wednesday, Jun 28, 2006 at 22:44

Wednesday, Jun 28, 2006 at 22:44
Marquis, when travelling in Tasmania i used the community run govt funded access centres or those based in libraries. They are virtually the same as the Telecentres we have here in WA. I worked for one, and it is quite safe in ours here with our strict controls. I prefer this to an unknown such as a private business who may not understand the controls necessary, or who may have a corrupt staff member. I would not use an Internet Café for banking. My laptop is still not back from repairs - been running all over Oz since last September (another disaster story), so i didn't have it for the holiday. It is not easy to find a phone line to hook into when travelling for you own laptop. At our Telecentre, we could not do this due to our phones being on a commander system, so we put in a special phone line just or travellers with laptops. It was used about twice at $2 per 15 minutes, after paying rent for a Telstra line all year. They were planning to cancel it when i left for Tasmania. Motherhen
Motherhen

Red desert dreaming

Lifetime Member
My Profile  My Blog  Send Message

0
FollowupID: 437220

Reply By: GaryInOz (Vic) - Tuesday, Jun 27, 2006 at 20:49

Tuesday, Jun 27, 2006 at 20:49
IMPORTANT!!!
Please Read.......

Did you give your details to the lady on the phone (account number, PIN/password, etc)? If so, my friend, you have just been scammed.

I would suggest that you go to your local branch and confirm everything in the morning, and report your card as stolen RIGHT NOW!!!!!. You can be issued with a new card at the branch, but the credit card addition to the account (if you have one) has to wait a week or so to be processed.

In future, NEVER give out information over the phone if THEY have called YOU. Always ask them who to contact and at what branch, check the phone number they give you of that branch (1223 directory assistance, free call) and then call them back.

This is a phone version of Phishing. If you can look up the "Recieved calls" on you mobile or your home phone CND and give that to the bank they may be able to take action.
AnswerID: 180712

Follow Up By: Member - Reiner G (QLD) 4124 - Tuesday, Jun 27, 2006 at 22:51

Tuesday, Jun 27, 2006 at 22:51
You didn't read my post at all mate.........it wasn't a card it was a money transfer from one account to another account. The lady I spoke to didn't ask any details and told me to never reveal any details to anybody which I never have done. I checked my account and access is denied for security reasons. I asked the lady what my chances are and she said I will get my money back even if they can't recover it. I still have faith in online banking and Westpac and the internet in general. Been using online banking for many years and never had a problem. I buy heaps of stuff per Visa too online and over the phone and never had a problem. I'm sure it will all be ok but I will keep changing my password from now on.

cheers
Reiner
0
FollowupID: 436999

Follow Up By: GaryInOz (Vic) - Tuesday, Jun 27, 2006 at 23:25

Tuesday, Jun 27, 2006 at 23:25
I did read your post. The fact is someone else had/has authority over your accounts. Best way to freeze everything except shopfront transactions at your local branch is to report your card stolen, as described and for the reasons given.
0
FollowupID: 437015

Follow Up By: Muzzgit (WA) - Tuesday, Jun 27, 2006 at 23:51

Tuesday, Jun 27, 2006 at 23:51
Gary, mate, it's got nothing to do with his card !!!
0
FollowupID: 437021

Follow Up By: Member - Andrew W (SA) - Wednesday, Jun 28, 2006 at 08:34

Wednesday, Jun 28, 2006 at 08:34
Reiner - you are just not getting it.

Don't be distracted by the card issue - as Muzzgit implies, this is only about Internet Banking.

If it were Westpac that called you, there is no reason they wouldn't have changed your Internet Banking access codes for you and given you the new one. There is no explicable reason I can think of for them to lock down your Internet Banking.

This makes me think the call was from a phishing scam outfit. If you haven't called Westpac, or the number provided how do you know?

The fact that your access is denied is potentially just your scammers making sure that the scam is not noticed until they have moved on and can't be traced. ie. call you, tell you that they are Westpac, tell you that they know about the problem and that you won't be able to access your account for a few days ... meanwhile the transfer goes through to some account at another bank. They take the money out of the account as soon as it arrives and close the account.

You are having faith in some unidentifiable caller with a nice woman's voice who told you everything you wanted to hear. You don't have any concrete evidence that it was Westpac calling you from what I can tell.

I hope this helps and that it really was Westpac that called, but I'll now butt out,
Andrew.
0
FollowupID: 437045

Follow Up By: Member - Reiner G (QLD) 4124 - Wednesday, Jun 28, 2006 at 08:50

Wednesday, Jun 28, 2006 at 08:50
Andrew, I just rang westpac on 1300 364 294 and asked for the lady from last night. She spoke to me and all is good.
Thanks for your concerns.

cheers
Reiner
0
FollowupID: 437048

Follow Up By: Member - Andrew W (SA) - Wednesday, Jun 28, 2006 at 09:02

Wednesday, Jun 28, 2006 at 09:02
great. Thanks for that. I feel much better now.

Hopefully they can tell you exactly how you were scammed so you know for next time.

Ciao for now
Andrew who in future will only say it once ;-)
0
FollowupID: 437054

Follow Up By: robak (QLD) - Wednesday, Jun 28, 2006 at 09:37

Wednesday, Jun 28, 2006 at 09:37
Reiner just to make sure call wespac on one of their displayed number. ie not the number the lady gave you.

Site Link

If she called last night and she was still there this morning.... that's a very long shift she's working.

0
FollowupID: 437064

Follow Up By: Member - Ed. C.- Wednesday, Jun 28, 2006 at 14:11

Wednesday, Jun 28, 2006 at 14:11
Reiner,

You need to call WESTPAC!! and you need to do it RIGHT NOW!!!

The link provided by robak is a good one, choose the number applicable to your situation...

1300 364 294 is NOT listed on the WESTPAC site....

I sincerely hope that you get it sorted out...

Regards, Ed. C.
Confucius say.....
"He who lie underneath automobile with tool in hand,
....Not necessarily mechanic!!"

Member
My Profile  Send Message

0
FollowupID: 437109

Follow Up By: GaryInOz (Vic) - Wednesday, Jun 28, 2006 at 21:19

Wednesday, Jun 28, 2006 at 21:19
FWIW I was only using the "card" as a mechanism for MAKING SURE the account was locked down BY YOU, as the stolen card phone number will put the clamp on the relevant accounts.
0
FollowupID: 437194

Reply By: Member - Peter R (QLD) - Tuesday, Jun 27, 2006 at 21:47

Tuesday, Jun 27, 2006 at 21:47
The National have a security feature you can request for transfers to third parties.
When you get to enter the password this triggers an alert to Bank and they text a new password to your mobile.
This happens each time you make a transfer to a third party
For transfers between your own accounts no password needed.

Perhaps the other Banks have a similar feature.

Pedr
AnswerID: 180727

Reply By: Leroy - Tuesday, Jun 27, 2006 at 23:00

Tuesday, Jun 27, 2006 at 23:00
One answer - Bendigo Bank. They have a system where they give you a token and the password changes on the token everytime you press a button. Perfect for people on the move that use library or internet cafe computers.

Leroy
AnswerID: 180740

Reply By: Emo - Tuesday, Jun 27, 2006 at 23:05

Tuesday, Jun 27, 2006 at 23:05
I've set my internet banking up so I can only transfer money between by accounts.
AnswerID: 180743

Reply By: Gu_Patrol - Wednesday, Jun 28, 2006 at 08:15

Wednesday, Jun 28, 2006 at 08:15
I get emails from ebay about buying stuff which i didn't buy, just another scam, they ask you to login your name and password into there shonky site just for your info
AnswerID: 180771

Follow Up By: Member - Reiner G (QLD) 4124 - Wednesday, Jun 28, 2006 at 08:19

Wednesday, Jun 28, 2006 at 08:19
I would send that on to e-bay, they do follow it up and catch most people. I had something simular and they found somebody here in brisbane using his work computer to do stuff like that.

Reiner
0
FollowupID: 437042

Reply By: Member - John R (NSW) - Wednesday, Jun 28, 2006 at 08:22

Wednesday, Jun 28, 2006 at 08:22
I've been using internet banking almost exclusively for 10 years now, without any problems whatsoever.

Infact internet banking has saved my skin, because I found a fraudulent transaction the day after it occured (non-internet) from a luggage business I never had or never would use. If I had waited for the quarterly statement from the credit union, I would not have known for a couple of months (or until a legitimate card transaction was declined). I had the error corrected on the spot, no worries.

I'm more concerned about ATM/credit card fraud, be it skimming or whatever.
AnswerID: 180774

Reply By: Spike me - Wednesday, Jun 28, 2006 at 13:45

Wednesday, Jun 28, 2006 at 13:45
One of my clients is 3rd in charge of the ANZ who is also the head of national security department for the bank. He has advised me time and time again not to use any banks internet or online services as no bank can garuntee their own security 100%. As soon as they make it secure the new system is successfully hacked by 100's of people within days. I have never used it and won't.
AnswerID: 180821

Follow Up By: Moggs - Wednesday, Jun 28, 2006 at 14:15

Wednesday, Jun 28, 2006 at 14:15
My brothers friends sisters proctolgist is married to a lady who was told by a friend who knew someone at ANZ who was 2nd in charge who said that internet banking is safe. Good enough for me - I use internet banking for everything! ;-)
0
FollowupID: 437112

Follow Up By: Member - Marquis - Wednesday, Jun 28, 2006 at 14:44

Wednesday, Jun 28, 2006 at 14:44
Simple rule in big business:
Higher they are up the food chain - the higher the amount of crap they are told.
0
FollowupID: 437117

Reply By: Member - Reiner G (QLD) 4124 - Wednesday, Jun 28, 2006 at 15:07

Wednesday, Jun 28, 2006 at 15:07
I now spoke to a Lady in Sydney who runs the investigation on my case and she said first thing is refunding my money and than they find out where it went.
You wouldnt think a bank can say that eh.........
I have my money back within 5 working days.
To get my online banking back I had to do a spyware scan of mu computer and westpac send me a link to some freeware which works. Here is the link Site Link The report of this scan goes to Westpac and when they are happy my system is clean I get my online banking back with a new password. I did get a letter from Westpac ( e-mail)confirming all that.
I'm happy and I will keep using my online banking. I will limit the amount of money I can transfer and change my password at least ones per month.
All good
Thanks for all the good feedback and I agree better to worry to much than getting hurt.

cheers
Reiner
AnswerID: 180832

Reply By: Bros 1 - Wednesday, Jun 28, 2006 at 17:14

Wednesday, Jun 28, 2006 at 17:14
Reiner G,
Check out post 33462 mate. It happened to me not long back. Got the dough back after about a week, but had to change card and associated paraphernalia.
Cheers,
Bros.
Work is the curse of the down and out bludger.

Lifetime Member
My Profile  Send Message

AnswerID: 180846

Reply By: Member - Boo Boo (NSW) - Wednesday, Jun 28, 2006 at 20:52

Wednesday, Jun 28, 2006 at 20:52
Gidday everyone
I was speaking to my computer buff son about pass words the other day. It seems he was taught at Uni that one of the best pass words to have is a combination of capitals , lowercase and numbers. For example, Crui298Ser. It seems that it is very easy to use a code breaker on words that are found in the dictionary, but very,very hard to break a password with the above combination. Hope this is helful for your new passwords.
Regards Bob
AnswerID: 180906

Follow Up By: Mike Harding - Wednesday, Jun 28, 2006 at 20:56

Wednesday, Jun 28, 2006 at 20:56
Clearly, he has never heard of the NSA (or GCHQ, come to that) :)
0
FollowupID: 437190

Follow Up By: Member - Reiner G (QLD) 4124 - Wednesday, Jun 28, 2006 at 22:10

Wednesday, Jun 28, 2006 at 22:10
I had an old rego number in mind........3 numbers and 3 letters.........that should do. It would be easy to find a new password every month if you keep going up in numbers or letters one by one.
cheers
Reiner
0
FollowupID: 437214

Follow Up By: Pajman Pete (SA) - Thursday, Jun 29, 2006 at 08:33

Thursday, Jun 29, 2006 at 08:33
Not a good idea. Each new password should be unrelated to a previous one. Minor changes like you suggest are very easy to crack.
Any mug can be uncomfortable out bush

Member
My Profile  My Blog  My Position  Send Message

0
FollowupID: 437255

Reply By: Member - Tim - Wednesday, Jun 28, 2006 at 23:38

Wednesday, Jun 28, 2006 at 23:38
Hi all,

Internet banking itself is usually safe. I don't believe there has been a single instance in Australia of someone actually breaking the security of an internet banking site directly. It is not easy for a hacker to get to the actual sites as the security is as good as it can be. It is actually much easier for them to attack you than the systems themselves. A fine example of this is an e-mail that was doing the rounds recently claiming to be a news story about the NAB going bankrupt. As soon as you clicked on the link in the e-mail it actually started a program that tried to load various keylogger programs onto your PC. After that everything you type into your computer is stored and transmitted to a web site where it is analysed and used to attack sites that you have typed passwords for.

The security feature that was mentioned of the floating keypad can fool some of the logging programs but not all as some of them will actually store a snapshot of the screen or mouse positions and clicks.

The second level security like the SMS message with an extra password, token that gives a different password are very good and make it very much harder but still not impossible for someone to track what you do. It requires a very special program that inserts between you and the internet banking site and can take over act as you after the second token is entered. As I said, very much harder to do.

Best security is to have a good anti virus program, good firewall and good anti-spyware program and never, ever even open an e-mail if you don't know who it comes from. Just delete them, if it was important someone will let you know another way. A financial institution will never send you an e-mail asking you to key in your details, no matter how valid the reason might appear. Run the anti-spyware regularly and make sure the anti virus has real time monitoring, not just runs occasionally. If your financial institution has second level tokens then be willing to pay for them to secure your own data as they are not cheap. If they don't have them then tell them they should. Pretty much all the suppliers of Internet Banking have the ability to provide second level security but the financial institutions don't necessarily have the will to pay for it.

At present the banks and others are not losing anywhere near as much money through IB fraud as they do through credit card fraud. Until they start to lose that amount (many millions of dollars every year) then they will not put as much effort into stopping it, they will just pay your money back.

Don't know if that helps a lot for anyone but it is an area where I actually know what I am talking about :).

Tim.
AnswerID: 180958

Sponsored Links

Popular Products (13)