One thing that is a big hole in this person's question, is he didn't say he had 2FA enabled for this account. Maybe he forgot to mention he had this, but remember, it's a must these days. Most all banks now require this. If your bank doesn't, enable it.
My bank account was hacked when i used Paypal to make a purchase.I cancelled my Paypal account and have had no future problems.Looks like someone hacked Paypal to get my details or it was was someone internally in the Paypal orginisation.Makes you wonder don`t it ?
May I add what I have told customers in the past who object to doing business online? Even if you don't, your bank and businesses that you buy from DO. Which means that even if you write a check, it goes online at some point. The same for credit/debt cards. All you can do is use common sense security practices and HOPE that nothing happens. Until things change, if they can, it is what it is...
Never save your username or password on your PC. Never trust a web page, before you have checked thst it is the right page and not just looks so. Never tip in your information even on your bank's web page in a readable form that could he copied on the screen by somebody who is spying your PC at the same moment. Use a separate hardware like your phone to confirm.
Another possibility: your financial institution is just ignorant. About 15 years ago I was a web developer working on a portal for a 401k management company. Other companies would upload their payroll information through this portal. No joke, the benefits management company refused to allow me to encrypt their database because they "wanted to be able to run ad hoc queries on the data" instead of paying my employer more money for secure database tools. Literally thousands of people's addresses, phone numbers, and social security numbers just sitting on a server in plain text waiting to be hacked! It blew my mind.
I received and Email from a friend with an old photo of me. Opening the photo I seem to end on a strange web site. One day later my friend did send an email, that his Windows computer had been hacked. Fortunately I use Ubuntu (Linux) and the hack, like most hacks, was incompatible with Linux. I have another defense, I run my applications in Virtualbox Virtual Machines (VM). So I have a VM for all communication Apps, like Email, WhatsApp, Facebook Messenger, etc and I have another one exclusively for Banking and PayPal. I even have one VM for Windows 11 Pro. They all run on top of the OpenZFS file system and I snapshot (copy) everything each Saturday. To be sure I rolled back the communication Apps VM to the safe snapshot of last Saturday, directly after ending up on that strange web-site. It all runs on a Ryzen 3 2200G with 16GB of DDR4, the most frequently used VMs are stored on a 512GB Silicon Power nvme-SSD (3400/2300 MB/s)
yeah. your ip address is the same for all of those. you are looking in the wrong place. a vm of windows is almost exactly as insecure as windows. also, switch to debian. it's the stable version of ubuntu.
@@SF-tb4kb 1. Each VM gets its IP address from my hardware wifi router, so all IP addresses are different. 2. Wrong, a VM of Windows is more secure than HW Windows, because it is only booted, when needed and I almost never use Windows for browsing the Internet. All email; WhatsApp and other communication apps run on Xubuntu and never on Windows. The chance that my Windows VM gets infected is absolutely minimal. 3. Ubuntu is a very reliable, I don't believe Debian is more reliable, I'm convinced the difference is not noticeable. I stick to Ubuntu, since: - I use it since 2008 and it has nice family members; - it has formal support for OpenZFS; - I like its improvements to Gnome 42.
@@bertnijhof5413 the ip address of your vm is nat, to your internet ip address. yes that is some protection, but you still have all devices on your router as attack vectors. Unless you have lots of internet ip addresses, which almost nobody does.
Rather than bother with VM software, it's far easier and faster to use any of the lean Linux distributions off a bootable USB stick or micro SD card. Set up the stick with a reasonable amount of space allocated for "persistence" using the Pendrive's settings. That way, the boot process is barely 30 to 60 seconds long, your presence online is only temporary and very unlikely to be hacked.
@@n.miller907 My Linux VMs boot in ~10 seconds and Windows 11 Pro needs ~35 seconds. They all boot from the nvme SSD. Besides I can keep more VMs running at the same time. Note that a VM is only present on-line, after you boot it. Besides Virtualbox can encrypt VMs and I used it to encrypt my Banking VM. Note that my Host OS and almost all VMs are closed for inbound traffic and see also my reply to "S F" here below. I use Virtualbox since ~2009 and that is easy to use compared to virt-manager of QEMU/KVM, but Gnome-Boxes is extremely easy to use.
Oh if my bank security were so easy I have to enter 1. account number 2. pin number 3. password 20 digit alphanumeric 4. memorable info 20 digit a unique encrypted pin sent to a card reader 5. finally enter that pin just to get my account balance.
1. you say your client card. is that your card that is assigned to you as a client of some service or are you asking on behalf of a client? if it is the first thing then did you ever expose the card a youtube video maybe accidentally forgot to redact the number when you used the card while filming for a video whether it is to buy something or to show the security features of the card or terminal. if you do expose your number you should redact rather than blur because somewhere i saw that there is a software that can use ai algorithm and shading differences to recover data that is blurred. 2. 2fa while it isnt perfect as hackers can compromise the phone by porting scams it is a big improvement. 3. you could try adding some additional chars to the password like "?!@#$%^&*()" maybe even if you are allowed binary chars and control chars. of course if there is a database breach you need to pray that the company has used good salting and peppering in the hashes. 4. long gone are the days of installing a keylogger as a separate spyware today keyloggers can be embedded into the html and javascripts even steganographically in an image on an ad. 5. anti virus is pretty much becoming useless as i think there has been a compromise of the software in a past invasion.
When everything isn’t enough.
One thing that is a big hole in this person's question, is he didn't say he had 2FA enabled for this account. Maybe he forgot to mention he had this, but remember, it's a must these days. Most all banks now require this. If your bank doesn't, enable it.
Insider threat at the bank
My bank account was hacked when i used Paypal to make a purchase.I cancelled my Paypal account and have had no future problems.Looks like someone hacked Paypal to get my details or it was was someone internally in the Paypal orginisation.Makes you wonder don`t it ?
OMG! Sorry, If yo still need rec0very, check my username up
Yes, get use to it, on line digital banking is coming!
May I add what I have told customers in the past who object to doing business online? Even if you don't, your bank and businesses that you buy from DO. Which means that even if you write a check, it goes online at some point. The same for credit/debt cards. All you can do is use common sense security practices and HOPE that nothing happens. Until things change, if they can, it is what it is...
Might want to make sure no one in your own household got your info.
You get a email it could not be from your bank
Never save your username or password on your PC. Never trust a web page, before you have checked thst it is the right page and not just looks so. Never tip in your information even on your bank's web page in a readable form that could he copied on the screen by somebody who is spying your PC at the same moment. Use a separate hardware like your phone to confirm.
Also use a VPN to prevent snoopers
Another possibility: your financial institution is just ignorant. About 15 years ago I was a web developer working on a portal for a 401k management company. Other companies would upload their payroll information through this portal. No joke, the benefits management company refused to allow me to encrypt their database because they "wanted to be able to run ad hoc queries on the data" instead of paying my employer more money for secure database tools. Literally thousands of people's addresses, phone numbers, and social security numbers just sitting on a server in plain text waiting to be hacked! It blew my mind.
I use a separate tablet using the bank's dedicated application. I don't use this tablet for anything else.
So what should we do. Go back to worthless cash?
Social website gets information
Don't do digital banking
Insider attack aka called an inni
I received and Email from a friend with an old photo of me. Opening the photo I seem to end on a strange web site. One day later my friend did send an email, that his Windows computer had been hacked. Fortunately I use Ubuntu (Linux) and the hack, like most hacks, was incompatible with Linux.
I have another defense, I run my applications in Virtualbox Virtual Machines (VM). So I have a VM for all communication Apps, like Email, WhatsApp, Facebook Messenger, etc and I have another one exclusively for Banking and PayPal. I even have one VM for Windows 11 Pro. They all run on top of the OpenZFS file system and I snapshot (copy) everything each Saturday. To be sure I rolled back the communication Apps VM to the safe snapshot of last Saturday, directly after ending up on that strange web-site.
It all runs on a Ryzen 3 2200G with 16GB of DDR4, the most frequently used VMs are stored on a 512GB Silicon Power nvme-SSD (3400/2300 MB/s)
yeah. your ip address is the same for all of those. you are looking in the wrong place. a vm of windows is almost exactly as insecure as windows. also, switch to debian. it's the stable version of ubuntu.
@@SF-tb4kb 1. Each VM gets its IP address from my hardware wifi router, so all IP addresses are different.
2. Wrong, a VM of Windows is more secure than HW Windows, because it is only booted, when needed and I almost never use Windows for browsing the Internet. All email; WhatsApp and other communication apps run on Xubuntu and never on Windows. The chance that my Windows VM gets infected is absolutely minimal.
3. Ubuntu is a very reliable, I don't believe Debian is more reliable, I'm convinced the difference is not noticeable. I stick to Ubuntu, since:
- I use it since 2008 and it has nice family members;
- it has formal support for OpenZFS;
- I like its improvements to Gnome 42.
@@bertnijhof5413 the ip address of your vm is nat, to your internet ip address. yes that is some protection, but you still have all devices on your router as attack vectors.
Unless you have lots of internet ip addresses, which almost nobody does.
Rather than bother with VM software, it's far easier and faster to use any of the lean Linux distributions off a bootable USB stick or micro SD card. Set up the stick with a reasonable amount of space allocated for "persistence" using the Pendrive's settings.
That way, the boot process is barely 30 to 60 seconds long, your presence online is only temporary and very unlikely to be hacked.
@@n.miller907 My Linux VMs boot in ~10 seconds and Windows 11 Pro needs ~35 seconds. They all boot from the nvme SSD. Besides I can keep more VMs running at the same time. Note that a VM is only present on-line, after you boot it. Besides Virtualbox can encrypt VMs and I used it to encrypt my Banking VM. Note that my Host OS and almost all VMs are closed for inbound traffic and see also my reply to "S F" here below.
I use Virtualbox since ~2009 and that is easy to use compared to virt-manager of QEMU/KVM, but Gnome-Boxes is extremely easy to use.
Boost mobile got hacked
Can you provide a citation/news report?
Excellent
welcome to 1999 buddy
Oh if my bank security were so easy I have to enter
1. account number
2. pin number
3. password 20 digit alphanumeric
4. memorable info 20 digit
a unique encrypted pin sent to a card reader
5. finally enter that pin just to get my account balance.
Barclays new sercurity,a pain in the ass.
1. you say your client card.
is that your card that is assigned to you as a client of some service or are you asking on behalf of a client?
if it is the first thing then did you ever expose the card a youtube video maybe accidentally forgot to redact the number when you used the card while filming for a video whether it is to buy something or to show the security features of the card or terminal.
if you do expose your number you should redact rather than blur because somewhere i saw that there is a software that can use ai algorithm and shading differences to recover data that is blurred.
2. 2fa while it isnt perfect as hackers can compromise the phone by porting scams it is a big improvement.
3. you could try adding some additional chars to the password like "?!@#$%^&*()" maybe even if you are allowed binary chars and control chars.
of course if there is a database breach you need to pray that the company has used good salting and peppering in the hashes.
4. long gone are the days of installing a keylogger as a separate spyware today keyloggers can be embedded into the html and javascripts even steganographically in an image on an ad.
5. anti virus is pretty much becoming useless as i think there has been a compromise of the software in a past invasion.