Solved

How could have my VISA user ID and password have been stolen?

Posted on 2008-10-28
1
203 Views
Last Modified: 2012-05-05
Earlier this month we had our personal VISA card number stolen somehow and used.  What bothered me was that they were able to get into the account information section of the online account and change my home phone number to another one (they left the address the same, as they were ordering services, not merchandise, with the card).
 
This card had the most complex user id and pw of all of our stuff.
 
How could that happen?  How can tihs be prevented?
0
Comment
Question by:jsgreiner
1 Comment
 
LVL 12

Accepted Solution

by:
jahboite earned 250 total points
ID: 22830714
One possibility (and the most likely) is that you have contracted one of the many trojan/spy malware variants which are designed specifically to log keystrokes and capture information used for online banking.  This could have been installed whilst browsing the web and visiting a site in which some client-side scripting exploited a vulnerability in your web-browser, its plugins or the operating system itself.
The information captured is usually sent to a destination somewhere on the internet where the criminal who deployed the malware collects information from thousands of compromised computers and this information is often sold to people who are willing to take the risk of using those details to obtain money or goods (which can then be sold).

To avoid such a thing happening in the future is not exactly simple, but you can take steps to dramatically reduce the likelihood:
Use Mozilla's firefox web-browser www.mozilla.com/firefox/ and get the NoScript add-on for firefox.  This helps to prevent the kinds of malicious scripting that cause such infections whilst browsing the web.
Use a good Anti-Virus solution and keep it updated.  There are many available, but none will ensure that you never become infected with malware again.
Pro-actively manage the software installed on your computer - particularly that which is available via your web-browser (such as Adobe Flash, Reader (pdf), Quicktime etc ) and make sure you are always using the latest (and most secure) versions.  A great tool to help in this respect is (Personal Software Inspector) PSI from Secunia http://secunia.com/vulnerability_scanning/personal/ which will scan your computer for software for which there are more secure versions and help you to update them.

Hope that helps a bit.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
E-mail spoofing 15 79
Probable TCP NULL scan detected 10 175
bypass UAC - always notifiy 4 55
Different types of mobile security tests 3 92
Malicious software is nothing new. Viruses have been created and spread since before physical networks became popular; back then viruses spread via floppy disk and modem connections with shared systems. Viruses weren't so rampant and protecting your…
This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now