[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 333
  • Last Modified:

security breach password reset

I have just received a notice that my password was changed at my bank and now I can't get into my email. I have contacted the bank and no money was moved, i cancelled all online banking and got a new email address.  I am going to reformat my computer, is there anything else I should do ? Is there anything to prevent this or do you know what caused it? thank you. Kathryn
0
kathryncodo
Asked:
kathryncodo
  • 3
  • 2
1 Solution
 
r-kCommented:
"I  have just received a notice that my password was changed at my bank ..."

Well, the first thing I would do is to confirm this with your bank either by telephone or in person. Do not rely on any email from the bank.  Please do not reformat your computer quite yet. There are a whole lot of phishing (i.e. fake) emails flying around pretending to be from various banks, and most of them look very real but they are all fake.

Please let us know how you received that notice. If by email then do not trust it without independent verification.

"....and now I can't get into my email."

Please clarify this point. How is your email connected with your bank? Do you work for the bank? In what way does the bank provide your email address?

"Is there anything to prevent this or do you know what caused it?"

Yes, there are several steps you can take to stay safe online, but please  post back with the above information and I'll try to help further.

Thanks.

PS: Here is an excerpt from an email I got from my "bank" just yesterday"

"We are sorry to inform you that we noticed multiple failed logins at your account
This Security Measure is used to prevent identity theft and to secure your account......."

It was quite fake, of course.



0
 
Jan SpringerCommented:
Agree with r-k.

Also check your machine for viruses, etc to be sure that there wasn't a keylogger installed.

And, what is the relationship with your email account and your on-line bank account?
0
 
kathryncodoAuthor Commented:
I recieved a phone call from the bank and went to the bank in person to verify. no association with email and bank.  I am getting a bunch of numbers and letters saying I cn't get to my email. I have cancelled all online banking and signed up with a new email from a different provider.  I want to reformat incase I can't get the keylogger or virus out.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
Jan SpringerCommented:
If your password at the bank and your password for your email was changed without your authorization, I would lean toward an infected computer.

If you choose to reformat and reinstall from scratch, make sure that you have both a firewall and anti-virus software loaded.   There are lots of good anti-virus software but I personally perfer Norman.

Then connect to the net and the first thing that you do is update your system starting with the security patches first.

Install and use an email client that has junk filtering capability.  I use Thunderbird for this.

Make sure to check for updates *daily* on your AV, system and application software.
0
 
r-kCommented:
OK, in that case I am glad you were able to get your bank account locked up before anyone could withdraw any money.

Reformatting is a fair option. Quite possibly there may be a rootkit or keylogger installed. Before reformatting, you should save any important documents, pictures etc. you may have there. Do you have a good backup? Do you have access to another PC? Otherwise if you have an external USB drive I would just copy anything of value to that. Don't overlook anything like e-mail, web favorites etc.

If you have the original XP CD (are you running XP?) you can boot from that and reinstall your system after deleting the existing partition and reformatting the C: drive (all this during the install process). Be sure you have your files saved in a safe recoverable way because deleting the partition will erase everything, including any possible virus.

Before reformatting your drive, run Control Panel -> System -> Device Manager and note the full description of the following items: Video Device, Network Devices and Sound Devices. You may need this information after the reinstall.

If you want to try and look for the keylogger before doing a reformat then please download RootkitRevealer from: http://www.microsoft.com/technet/sysinternals/utilities/RootkitRevealer.mspx and scan your C: drive. It's a bit slow but very complete. If it finds anything please post the first 30 lines or so of the log here. Be sure to save the log in any case.

0
 
r-kCommented:
Also, it is possible the keylogger/virus is not very sophisticated, in which case you can do the following first, because it just takes a couple of minutes:

(1) Download Autoruns from: http://www.microsoft.com/technet/sysinternals/utilities/Autoruns.mspx
(2) Run the program. It lists a bunch of things that start when Windows starts.
(3) From the menu bar, select Options, and uncheck "Include Empty Locations" and "check" "Hide Microsoft Entries"
    Important -> Then click the Refresh button in the toolbar.
(4) This will give you a shorter, more meaningful list.
(5) Use the File -> Save as.. option in Autoruns to save the list to a text file and then cut and paste it here.

This will reveal many common types of malware.
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now