cancel
Showing results for 
Search instead for 
Did you mean: 

security breach?

stewarta13wsb
Grafter
Posts: 449
Registered: 01-08-2007

security breach?

My daughter is of course a PlusNet user/referral, and her machine has everything mine has - AVG, AdAware, Spyware Blaster, SpyBot, a non XP Firewall etc.
Last night when she signed on she got a pop up window telling her her PC was insecure and may have visited illegal sites. The message included mention of her username and the fact that she was on PlusNet. There was a link to 'scan her PC for virus's' which the wise girl didn't follow :shock: (Sorry full message text a bit vague, she didn't write it down and clicked to close machine down straight away)

She does her banking on-line and is worried about what might be on her PC now or that somebody knows her details.

She's 100's of miles away and I'm not sure how best to advise her. We finished the call last night with her going to Trend Micro for a full on line scan.

Any suggestions?
10 REPLIES
Alecto
Grafter
Posts: 2,886
Registered: 30-07-2007

security breach?

Yes, it can be quite worrying, especially if you don't know much about these things. However, If she scans with all the stuff you list, plus the trend one, she should be OK.

I'd also get her to download and run c-cleaner which is a good general purpose cleaner for clearing out any old links to stuff that might be left - run the cleaner bit and the "scan for issues" bit and let it sort them all out for you.

To test her firewall is working properly, suggest she go to www.grc.com and run the shields up test. This will tell her if she's any vulnerabilities.

Finally, any site you visit can pick up your IP number and needs to do so to send info back, so that's not a worry. By default, Pn show this as your user name, but if you send them a ticket, they can change it so it displays your IP number (90.125.226.123 for example) instead. I think the technical term is reverse DNS, but if she just tickets them and asks for it to display her IP number rather than user name, they will know what she means.

And if she's got a wireless router, it needs to use the security features so that nobody else can connect to it.
N/A

security breach?

Hi,

You didn't say where this pop up originated from, i.e was it from a web page or just a pop up. It's possible for pop-up messages to be display using something called Windows Messenger (not msn related) and it's something Microsoft shutdown in Service Pack 2 for XP.
You can also download a program from GRC.Com which will do the same, it's called "Shoot the Messenger".

Banking Sites use encrypted connections, but there is a risk of keyloggers recording the passwords, but if she's using all those anti-spyware programs and a half-decent firewall and anti-virus then the risk is probably remote.
N/A

security breach?

Quote
I think the technical term is reverse DNS, but if she just tickets them and asks for it to display her IP number rather than user name, they will know what she means.


The technical term is indeed reverse DNS - just follow the path Technical Support -> Static IPs, IP Block Requests and Reverse DNS Setup -> Change my Reverse DNS (PTR) configuration in Contact Us.

Tim
avalon
Grafter
Posts: 361
Registered: 05-04-2007

security breach?

She is wise to be wary. I always use a "live" distro of Linux to do my internet banking. This is an image of a CD which you can download from the manufacturers website and is intended merely as a demo of their operating system/software. It doesn't use the hard disk in order that you can try it out without affecting your current installation.

I shut down my PC and reboot from the CD. It loads the operating system and software into memory only and doesn't use the hard disk. I type the bank address into the browser that comes with it and do my banking. Then I shut down the PC without visiting any other sites. This clears the software out of memory and leaves nothing on the hard disk either. I remove the disk and let it boot my normal operating system on the hard disk as usual.

I think this is the safest way to bank online.
N/A

security breach?

northbritish,

I'm surprised that banks aren't considering something along the lines of making a distro that will connect straight to their site.

I've got FC4 (linux) on a second hard disk, and I often use that when I want to connect to my banks.

That said, providing you run good anti-spyware and anti-keylogging software your as safe as you can be.
Alecto
Grafter
Posts: 2,886
Registered: 30-07-2007

security breach?

And on the subject of banks, it's fair to say that they don't really give a toss if someone defrauds them out of money either on the internet or via credit cards. All they do is shrug their shoulders and pass the cost on to the customer in the form of charges and extortionate interest rates.

If they really cared, they could stop most of it. A long time ago, I used to have a credit card with my photo on it, but they stopped that saying that they'd got "other security measures" meaning that they didn't give a toss if the card was stolen and used fraudulently.

So even if someone does get your bank details and steal all your money, provided you've not been GROSSLY negligent, the bank will just reimburse you.
lingbob
Grafter
Posts: 734
Registered: 05-04-2007

security breach?

Quote
Finally, any site you visit can pick up your IP number and needs to do so to send info back, so that's not a worry. By default, Pn show this as your user name, but if you send them a ticket, they can change it so it displays your IP number (90.125.226.123 for example) instead.

"Dumb question" coming up :roll:

What are the benefits, if any, of showing your IP address instead of your user name.

Regards,
Martin
Alecto
Grafter
Posts: 2,886
Registered: 30-07-2007

security breach?

Not a lot I'd guess.
In theory, I suppose from your user name they could work out your email address and send you spam.
But it probably just makes one feel happier being seen to the unknown world as 80.112.112.45 than as jimsmith - many people (such as me) use their real name as their ISP username.

.
N/A

security breach?

Linux out of the box (or iso i should say!) is more secure than XP. There is no virus' or spyware....

If you are running XP then as aleady said lock your system as tightly as you deem necessary. Use a limited account with NTFS. Use NAT if you use a router. If your house has many computers/user then keep an eye on visited sites and block them if need be.
Make sure your anti-virus is set to update as and when necessary. Trend Micro updates twice sometimes more a day!
N/A

security breach?

Quote
Linux out of the box (or iso i should say!) is more secure than XP. There is no virus' or spyware....


Your correct about the default out of the box linux distro being more secure, but there are viruses and spyware which can affect Linux. It's merely that it's a less used system, and it's security, model and structure is more secure than windows out of the box.
This means even if it does get a virus, it's less like to gain access to core elements of the OS because they are secured by the root password.
Linux is also prone to worms more than viruses, but again, it's structure means it's easier to recover.

Quote

If you are running XP then as aleady said lock your system as tightly as you deem necessary. Use a limited account with NTFS.


While the principle of using a limited account in windows is great, in reality it can prove to be troublesome. In order for some packages to run, you need to tell them to run under admin authority, and there by you lose much of the security benifit.