gemma10

Had a call from my bank this am [genuine] to ask if I had withdrawn an ammount from my savings by internet banking, to which the answer was no. Then told someone had tried to withdraw a very much larger ammount but it was blocked- hence the call. Now just done a boot time scan with avast and mbytes and nothing found at all-All clean. So I ask the question, just how was this done on a banking safe server page. Havent given any bank details to anyone or had opened any pfishing emails. Was told I would be debited the ammount withdrawn when they find the problem. You never think it will happen to you, but when it does I find I am baffled. Probably time I went down the mac route.

SpringHeeledJack

Maybe you've used a wifi at a cafe/station/airport/whatever and some clever computer person managed to syphon off your details as you used the connection ? Maybe it's within the banks security architecture and you were just one of the unlucky persons who got caught in their net.

I would recommend that, but these days the uptake of users of Apple's products have made them mainstream and the hackers have taken notice. That said, touch wood, so far no real problems experienced in my case.



SHJ

mixture

They have taken notice.... but given the backend of OS X is BSD, their options are more limited than in the Microsoft world. Never say never, of course.... and same rules apply about not clicking on stuff etc.

Most of the exploits for OS X to date have taken place not on OS X directly, but through third-party software (e.g. Adobe Flash). So the old adage of keeping software up to date and only using software from trusted developers applies.

I concur with SHJ though on recommending Apple products.

As for gemma's original question.... might have been Wifi, maybe he's got a keylogger on his PC .... maybe he used someone else's computer to do his online banking at some point ? The possibilities are endless

piemanpete

Fwiw it's known as *phishing*, not pfishing (something to do with Pfizer drug co?).

Saab Dastard

Is it coincidence that there's recently been a major, major security scare about the compromise of OpenSSL? If your banking still relies on password and security details that you haven't had to change for a few months (or years), then it could be down to that.

If your bank has issued a security token that generates a one-time password, then you should be immune.

SD

gemma10

Thanks SD, I was rather thinking along the same lines. For info I have run Avast, Mbytes and Hitman pro in safe mode. All clear everywhere. I`ll add that I have only ever used a Internet shop once 2 years ago to buy a ferry ticket-so I dought that was the reason.

A A Gruntpuddock

Similar thing happened to me with my credit card - payment made somewhere in Asia which was 'out of my normal spending pattern' (or some such phraseology) and triggered an alert.

When I wondered which site may have been compromised and leaked my details, I was told that the crooks used computers to generate likely credit card numbers then try to make small internet purchases.

If a card number was not rejected by a site, they knew it matched a genuine card and they tried all the possible security codes until they hit the right one.

After a successful purchase they quickly made larger purchases of easily re-sellable items before the card holder became aware of what was going on.

Never needed my actual details at any time!

Used to be worried about details of my spending being retained by the bank but was very glad on this occasion.