cancel
Showing results for 
Search instead for 
Did you mean: 

Online Banking Phising Scams

Community Veteran
Posts: 3,231
Thanks: 244
Fixes: 3
Registered: 05-04-2007

Online Banking Phising Scams

Hi all,

I thought I'd just post to warn you of my experience today with these.

Yep I am sure many have had the spam e-mails asking to confirm our details which we delete, and of course you always check the address in the browser is actually pointing to that of the bank, etc. Also the browser should be indicating the page is https.

All those checks I am sure we are aware of and do.

However it seems these scams are taking a new twist, and to be honest I was a bit shocked about how advanced they are getting. I will explain:

Was going to log onto my account using Barclays Internet banking today (using my dad's laptop), and entered my surname and User ID. Then you get the second security details screen. This appeared as shown in the screenshot.

Linkage

Noticed that below the usual two combo boxes to enter certain letters of your password, another box had appeared asking for the FULL password (Enter Memorable Word). I hadn't noticed this being there before.

Checked I was definitely on the bank's site, and I was. Maybe the bank have changed their site? But then why would the bank ask for two characters of your password and also the full password? Doesn't make sense does it? So I started to smell a rat.

VPN'ed and Remote Desktoped to my work PC and tried the site there - no box asking for the full password.

So I came to the conclusion that my dad's laptop had some kind of trojan, which is obviously attempting to nick internet banking details. It must be detecting traffic to and from Barclays website and intercepting it, to the extent of changing the site when returned from the server and also, I assume, of copying my log-in details to the scum who wrote it (but I sure as hell wasn't going to put that to the test by logging in).

I installed the free version of AVG Anti-Virus, it detected the following and removed it. Here is what the log says:

Linkage

Sure enough the site reverted to how it should have been:

Linkage

So in the past, all we've had to worry about is the odd spam e-mail and ensuring the site URL in the address bar is correct. Now it seems to actually have to watch the legitimate bank website to check for anything which looks suspicious.

Oh and of course (I know you hear this again and again, but I have certainly learned a lesson today) .. make sure your AV software is up-to-date and make regular scans Smiley

Just warning you all to be on your guard, it would be quite easy to dismiss this as a legitimate bank change and let someone steal your details (as well as your cash). Luckily I didn't put my details in the second screen and thought something was up.

However it could easily have been overlooked and certain others might not have even noticed something was wrong. My parents would not have suspected a thing, and I only did because of the additional box. If that hadn't been there and I just had a plain keylogger than I wouldn't have known either.

So these scammers are getting more and more sophisticated, and I can only assume that these will start to become more widespread.

Don't ask me how this PC became infected in the first place, as I have no idea!
6 REPLIES
N/A

Re: Online Banking Phising Scams

Quote
...I installed the free version of AVG Anti-Virus, it detected the following and removed it.


A salutary reminder. AVG rules... Smiley
avalon
Grafter
Posts: 361
Registered: 05-04-2007

Online Banking Phising Scams

I use a simpler method of keeping my online banking safe. I use a linux live distro. You burn it to CD then turn off your machine.

Restart and choose to boot from the CD then once it loads use the browser to go to your bank. Since it loads the OS and browser into memory and doesn't use your PC hard disk or normal operationg system or browser at all you can't get spied on at all no matter how infected your PC is. Smiley
Community Veteran
Posts: 3,231
Thanks: 244
Fixes: 3
Registered: 05-04-2007

Online Banking Phising Scams

Oooh, sounds like a plan, might have to give it a go Smiley

But can you imagine how many people would actually do such a thing? How many could the above scam method net? I would say lots. Its always been about checking the site URL, etc. now it seems the goalposts have moved somewhat.

I've e-mailed Barclays about it, whether they'll do anything is another matter. All they seem concerned about is mailing me plugging their bloody Additions account, which is just an excuse to charge you a near £10 monthly fee for 'so called' benefits you'll never use. Won't be free banking in the UK for much longer - already they are buying stakes the chargeable cash machine companies, essentially owning them hence introducing the cash machine charges they said they wouldn't introduce following the public 'outcry', when they said they would introduce them a few years ago and pretended to give in and then wouldn't.

And you still have to wait 4 working days for a cheque to clear, even though the technology for immediate clearance has existed for many years. But then I suppose that wouldn't involve them sitting on the interest for a couple of days while the amount sits in limbo. Certainly doesn't take 4 days for the amount to disappear from the drawing bank does it?

And I won't even go into how useless Lloyds TSB were when my parents had £1300 stolen from their account from their debit card used to make 4 payments (within the same week) to a Barclaycard account.

I had naturally (also seems mistakenly) assumed the bank might want to take the matter up with the police since a criminal matter, commonly known as 'theft' had occurred. They didn't even seem bothered about that, and still tried to charge my parents a couple of quid interest for being overdrawn months later, even though it was caused by the theft and had been reported to them.

They go on about millions of pounds being lost to fraud as if it isn't their fault Evil
Chip and Pin? Yeah assuming you actually try to investigate fraud when it occurs then it might have an effect.

Anyway rant over Smiley
Community Veteran
Posts: 3,231
Thanks: 244
Fixes: 3
Registered: 05-04-2007

Online Banking Phising Scams

Well not good replying to myself but even more strange ...

ING Direct (that internet savings bank) phoned my parents a few days ago to let them know we had a virus on the PC. Which of course we did and I had removed it by then - but I wonder how they knew? I think my mum did use their site around that time, so I can only assuming it was detecting strange http traffic coming to/from the PC which they picked up on.

Oh well at least we didn't lose anything, but it could have easily been the other way. Good of them to let us know really.

Right going to keep the AV bang up-to-date in the future me thinks Shockedops:
Bulldog
Newbie
Posts: 2
Registered: 30-07-2007

Online Banking Phising Scams

Well another lesson would be not to do your banking on an untrusted machine.
holdtight
Grafter
Posts: 1,634
Registered: 15-06-2007

Online Banking Phising Scams

cheers for the eye opener as i use barclays online too

glad you didnt lose anything its a good job youve got your wits about you

the dirty slimy sneaky fuc.. well you know !