Facebook   Twitter    YouTube    RSS Feed    Android App    iPhone and iPad App     BlackBerry App    
Subscribe to Newsletter



Page 1 of 2 1 2 LastLast
Results 1 to 15 of 30

Thread: How scammers get into your bank account

  1. #1

    Default How scammers get into your bank account

    How scammers hack your bank account

    Online banking scams are more sophisticated than you think

  2. #2
    Super Grandmaster RichardG's Avatar
    Join Date
    Apr 2005
    Location
    Johannesburg/Jozzi South Africa
    Posts
    6,898

    Default

    I went to a banker last week. I have separate account numbers for everything, internet banking, CC notification SMS. Received an SMS informing me I have won a RICA didn't believe it, 3 days later get the same sms on my other mobile phone. Coincidence or does this certain individual have a friend working at the bank. I am very puzzled and concerned. Banks should rather issue USB dongle thing or much better yet make use of GPS technology and see if you in the same area making internet transactions. If you not in your usual spot to allow u to do 1 or 2 transactions, then red flagging the account. They do it with debit cards when you want to withdraw from a retailer twice in 1 day.
    Loving technology&gadgets own a Samsung Galaxy S4, Ativ S , Apple iPad4 Cellular 64 GB, i7 ivy bridge - Porting Successful

  3. #3
    Super Grandmaster
    Join Date
    Feb 2009
    Location
    Stellenbosch
    Posts
    8,017
    Blog Entries
    1

    Default

    I've been receiving tonnes of "SARS- Efiling Tax Return" and "E-filing Tax Return" (ABSA themeed) Emails on my address the past 2 months that I've registered ONLY on the FirstAscent website. I love my one time Email addresses that allow me to see EXACTLY who leaked my information online.

    I am also receiving these phising Emails on my other accounts, but nowhere near the amount they flood in on my FirstAscent account...

    I'd love to see how these hackers get past a second factor authentication that doesn't involve you entering an OTP into the compromised website AND when the IMSI number is being monitored too (meaning SIM clones won't work either) !
    I suppose social engineering would be their best bet.

  4. #4

    Default

    Quote Originally Posted by Pada View Post
    I've been receiving tonnes of "SARS- Efiling Tax Return" and "E-filing Tax Return"
    Not me. The only emails I've been getting were from my bank...telling me to watch out for XYZ that is specifically targeting said bank. Never got the actual phishing mail that was being warned against...I guess google spam caught it.

    Quote Originally Posted by Pada View Post
    AND when the IMSI number is being monitored too (meaning SIM clones won't work either) !
    Do tell...I'm not aware of any IMSI monitoring? Not sure its even feasible...people switch phones all the time.
    Man walks down the street in that hat, people know he's not afraid of anything.

  5. #5

    Default

    Strange how the banks or networks are not mentioning FICA.

    The result of most scams = money transferred to other accounts before being withdrawn at atms.
    Surely these accounts lead to people who actually own them, if the account owners details are fake, then the bank is at fault for not verifying FICA details correctly.

    Ultimately, banks should be able to trace when the money goes to up until the atm.

    Edit - also, its time that SARS and banking websites all use a higher level of ssl certs which atleast turn the address bar green.

    I think these institutions owe it to their customers to provide training/help in regards to how to verify the website you are using. Example, how to look at the ssl cert and verify that its authentic.
    Last edited by djiceman; 18-04-2013 at 07:49 AM.

  6. #6
    Super Grandmaster
    Join Date
    Feb 2005
    Location
    Centurion
    Posts
    5,466

    Default

    Quote Originally Posted by djiceman View Post
    Strange how the banks or networks are not mentioning FICA.

    The result of most scams = money transferred to other accounts before being withdrawn at atms.
    Surely these accounts lead to people who actually own them, if the account owners details are fake, then the bank is at fault for not verifying FICA details correctly.

    Ultimately, banks should be able to trace when the money goes to up until the atm.

    Edit - also, its time that SARS and banking websites all use a higher level of ssl certs which atleast turn the address bar green.

    I think these institutions owe it to their customers to provide training/help in regards to how to verify the website you are using. Example, how to look at the ssl cert and verify that its authentic.
    Uhm this is actually explained in the article. The scammer gets an innocent "friend" to lend them their account for a nominal fee (probably some random person he sits next to on a taxi). By the time someone finds the owner of the account, the scammer is long gone and the owner will have no clue what happened.

    I wonder how long the banks take to trace people and how successful it actually is. We have all these RICA and FICA laws, but we never hear about any of this actually being used to capture any criminals. Is there any stats from banks and cellphones companies out there regarding this? Or is RICA and FICA, as we all suspected, just a bunch of mismanaged paperwork?
    Last edited by diabolus; 18-04-2013 at 07:58 AM.

  7. #7
    Grandmaster
    Join Date
    Jan 2007
    Location
    Your GF's bedroom
    Posts
    2,367

    Default

    DJiceman....you did not read the article then did you

    They use legal accounts...

    "One such trick is using the video camera on a smartphone to record the passwords employees type into the web-based admin software they use at many mobile networks."

    This sounds a bit too mission impossible for me....does this guy know what he is talking about?

    From what I've seen is that they get access with phishing...them simply do a simswap on your number. this can be done on any network with minimal info....yes....over the phone.

    Some phishing sites will even prompt you for the code you just received (them adding a beneficiary)

    Money gone!

  8. #8
    Super Grandmaster supersunbird's Avatar
    Join Date
    Oct 2005
    Location
    Garsfontein, Pretoria
    Posts
    19,531

    Default

    Quote Originally Posted by diabolus View Post
    Uhm this is actually explained in the article. The scammer gets an innocent "friend" to lend them their account for a nominal fee (probably some random person he sits next to on a taxi). By the time someone finds the owner of the account, the scammer is long gone and the owner will have no clue what happened.

    I wonder how long the banks take to trace people and how successful it actually is. We have all these RICA and FICA laws, but we never hear about any of this actually being used to capture any criminals. Is there any stats from banks and cellphones companies out there regarding this? Or is RICA and FICA, as we all suspected, just a bunch of mismanaged paperwork?
    Owner of the account must then be held liable maybe, unless they can provide their "friends" details...
    Boycott MWEB
    1. Leave MWeb! They WILL throttle your 1Mbps line to death as soon you download over 100GB
    2. Cancellation form

  9. #9

    Default

    Why don't the banks simply use 2 step authentication?

    For example Capitech mobile app requires you to put a pin number into the app before it issues a generated number that you have to use to log into internet banking. If you do not have a capable phone they use to issue RSA tokens.

  10. #10

    Default

    Gullible people clicking links emailed to them...
    in the words of Mythbuster's Adam Savage.... well there's your problem!
    Get your 2Gb free Dropbox account

  11. #11

    Default

    Why is it I get 10x more ABSA oriented emails then other banks? The scammer know ABSA is weak.

  12. #12

    Default

    Quote Originally Posted by supersunbird View Post
    Owner of the account must then be held liable maybe, unless they can provide their "friends" details...
    I know that there are cases where many accounts are setup with false identity documents, the scammers then use mules to make the withdrawals.

  13. #13
    You can't stop The Signal Jan's Avatar
    Join Date
    May 2010
    Location
    The Rabbit Hole
    Posts
    2,560

    Default

    Just read some of the front page comments and I have to let off steam somewhere...

    Sweet mother of Hitchens! Getting your username and password are the least impressive parts of the attack and that's what people are focussing on?!

    Phew. Much better.

    EDIT: Just clarifying that my little rant isn't directed at anyone in this thread, or anyone in particular. For instance I completely agree with TirNaNog: Don't fall for the scam. Secondly: Don't click on dodgy links from your insecure PC. If you must, use a VM or something.
    Last edited by Jan; 18-04-2013 at 10:16 AM.
    Quote Originally Posted by TJ99 View Post
    Tech "journalists" are vile sub-human scum, only 1 step above gaming "journalists" these days. Check out the 1st comment for the real story. Of course nothing will ever convince the true believers.

  14. #14

    Wink Sweet Rosemary

    Quote Originally Posted by Jan View Post
    Just read some of the front page comments and I have to let off steam somewhere...

    Sweet mother of Hitchens!
    [B]Getting your username and password are the least impressive parts of the attack[/B}
    and
    that's what people are focussing on?!

    Phew. Much better.
    What would be better is if you told us what the MOST impressive parts of the attack are ????
    Weez wantz to NO

  15. #15
    Karmic Sangoma ghoti's Avatar
    Join Date
    Jan 2005
    Location
    Hotel California
    Posts
    40,301
    Blog Entries
    9

    Default

    Quote Originally Posted by Jan View Post
    Just read some of the front page comments and I have to let off steam somewhere...

    Sweet mother of Hitchens! Getting your username and password are the least impressive parts of the attack and that's what people are focussing on?!

    Phew. Much better.

    EDIT: Just clarifying that my little rant isn't directed at anyone in this thread, or anyone in particular. For instance I completely agree with TirNaNog: Don't fall for the scam. Secondly: Don't click on dodgy links from your insecure PC. If you must, use a VM or something.
    Personally I think more information on how hackers get access to your username and password so readers can prevent it would have been more useful. But thats my opinion. Interesting article still. At least the reader of your article can proactively do something about the first steps if they have the right information.

    If you can stop the first step normally you dont have to worry about the rest of the steps. People reading that article for instance are unable to stop people falling for sob stories and are unable to stop criminals corrupting cell phone network operators. Its beyond their control and to me, the least impressive bit of this.

    Thank you for this important article.
    Last edited by ghoti; 18-04-2013 at 10:30 AM.
    "To live is the rarest thing in the world. Most people exist. That is all..." - Oscar Wilde

Page 1 of 2 1 2 LastLast

Similar Threads

  1. Replies: 17
    Last Post: 09-06-2013, 05:47 PM
  2. opening another bank account... which bank?
    By techead in forum Health, Wealth, Leisure and Relationships
    Replies: 16
    Last Post: 19-02-2013, 08:34 AM
  3. Scammers Bank Details
    By firewall in forum Off Topic
    Replies: 44
    Last Post: 10-03-2011, 02:03 PM
  4. U.S Bank Account
    By lima0706 in forum Off Topic
    Replies: 7
    Last Post: 20-03-2010, 10:42 PM
  5. Replies: 205
    Last Post: 30-01-2010, 08:14 AM

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •