security breach password reset

Posted on 2007-08-03
Last Modified: 2013-12-04
I have just received a notice that my password was changed at my bank and now I can't get into my email. I have contacted the bank and no money was moved, i cancelled all online banking and got a new email address.  I am going to reformat my computer, is there anything else I should do ? Is there anything to prevent this or do you know what caused it? thank you. Kathryn
Question by:kathryncodo
    LVL 32

    Expert Comment

    "I  have just received a notice that my password was changed at my bank ..."

    Well, the first thing I would do is to confirm this with your bank either by telephone or in person. Do not rely on any email from the bank.  Please do not reformat your computer quite yet. There are a whole lot of phishing (i.e. fake) emails flying around pretending to be from various banks, and most of them look very real but they are all fake.

    Please let us know how you received that notice. If by email then do not trust it without independent verification.

    "....and now I can't get into my email."

    Please clarify this point. How is your email connected with your bank? Do you work for the bank? In what way does the bank provide your email address?

    "Is there anything to prevent this or do you know what caused it?"

    Yes, there are several steps you can take to stay safe online, but please  post back with the above information and I'll try to help further.


    PS: Here is an excerpt from an email I got from my "bank" just yesterday"

    "We are sorry to inform you that we noticed multiple failed logins at your account
    This Security Measure is used to prevent identity theft and to secure your account......."

    It was quite fake, of course.

    LVL 28

    Expert Comment

    by:Jan Springer
    Agree with r-k.

    Also check your machine for viruses, etc to be sure that there wasn't a keylogger installed.

    And, what is the relationship with your email account and your on-line bank account?

    Author Comment

    I recieved a phone call from the bank and went to the bank in person to verify. no association with email and bank.  I am getting a bunch of numbers and letters saying I cn't get to my email. I have cancelled all online banking and signed up with a new email from a different provider.  I want to reformat incase I can't get the keylogger or virus out.
    LVL 28

    Expert Comment

    by:Jan Springer
    If your password at the bank and your password for your email was changed without your authorization, I would lean toward an infected computer.

    If you choose to reformat and reinstall from scratch, make sure that you have both a firewall and anti-virus software loaded.   There are lots of good anti-virus software but I personally perfer Norman.

    Then connect to the net and the first thing that you do is update your system starting with the security patches first.

    Install and use an email client that has junk filtering capability.  I use Thunderbird for this.

    Make sure to check for updates *daily* on your AV, system and application software.
    LVL 32

    Accepted Solution

    OK, in that case I am glad you were able to get your bank account locked up before anyone could withdraw any money.

    Reformatting is a fair option. Quite possibly there may be a rootkit or keylogger installed. Before reformatting, you should save any important documents, pictures etc. you may have there. Do you have a good backup? Do you have access to another PC? Otherwise if you have an external USB drive I would just copy anything of value to that. Don't overlook anything like e-mail, web favorites etc.

    If you have the original XP CD (are you running XP?) you can boot from that and reinstall your system after deleting the existing partition and reformatting the C: drive (all this during the install process). Be sure you have your files saved in a safe recoverable way because deleting the partition will erase everything, including any possible virus.

    Before reformatting your drive, run Control Panel -> System -> Device Manager and note the full description of the following items: Video Device, Network Devices and Sound Devices. You may need this information after the reinstall.

    If you want to try and look for the keylogger before doing a reformat then please download RootkitRevealer from: and scan your C: drive. It's a bit slow but very complete. If it finds anything please post the first 30 lines or so of the log here. Be sure to save the log in any case.

    LVL 32

    Expert Comment

    Also, it is possible the keylogger/virus is not very sophisticated, in which case you can do the following first, because it just takes a couple of minutes:

    (1) Download Autoruns from:
    (2) Run the program. It lists a bunch of things that start when Windows starts.
    (3) From the menu bar, select Options, and uncheck "Include Empty Locations" and "check" "Hide Microsoft Entries"
        Important -> Then click the Refresh button in the toolbar.
    (4) This will give you a shorter, more meaningful list.
    (5) Use the File -> Save as.. option in Autoruns to save the list to a text file and then cut and paste it here.

    This will reveal many common types of malware.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
    Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    This video discusses moving either the default database or any database to a new volume.

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now