Fraud Warning! - Page 2

Snadinator · 03-04-2014, 09:11 AM

Quote:

Originally Posted by Sithlord32

Yeah I practice safety when and where I can. All my PW are different and I change them regularly. Never used IE it has always sucked. The browsers I do use are set up to not remember any passwords and dump all history and cookies on every tab and browser close. I use PW verification with SMS to my phone on every site that allows it and I keep record of every transaction and check my accounts on a weekly basis for every transaction. I was a victim of Target I guess or so they said even though I hadnt been to target on some time.

How's the software on your PC? Everything updated? Java, Adobe? Operating system? Office software? Better yet, disable the java plug-in for your browser if possible.

**Vince-Vell** · 03-04-2014, 12:02 PM

one thing to stay away from is Wifi on your phone or iPads. This is causing tons of people to get hacked.

Not saying you did or people do, but using wifi at coffee shops etc... is getting peoples info stolen like crazy now. So to be safe use only sage wifi areas like your home.

Snadinator · 03-04-2014, 12:46 PM

Quote:

Originally Posted by Vince-Vell

one thing to stay away from is Wifi on your phone or iPads. This is causing tons of people to get hacked.

Not saying you did or people do, but using wifi at coffee shops etc... is getting peoples info stolen like crazy now. So to be safe use only sage wifi areas like your home.

That is true. I can sit in a cofee shop or hotel with my laptop and run software that would broadcast a wifi access point of the same name but it would be broadcasted much louder. When people search the SSID, they would see my spoofed broadcast and connect to it. I could then re-route your connection to the real wifi and you wouldn't know you are the victim of a man-in-the-middle attack. Meanwhile I am capturing all inbound and outbound packets.

Another is bringing your mobile device to foreign countries. Some countries, like Russia or China, will push malware onto your mobile the second you step off the plane. They can then listen in on all calls, text messages and data use. They can turn your phone into a bug and listen to your surroundings, even if not in use. This is why some high security clearance jobs will not permit you to bring a mobile device on the premises.

If you are going to a country that the five eyes consider "untrusted", it would be best to get a throw away phone... especially if it is for business.

I'd also get an RFID proof wallet or at the very least, make an aluminum sleeve to put your debit/credit cards in. For next to nothing, I can use a cheap RFID scanning tool and scan your credit and debit cards through your pants and wallets, just by walking next to you. With sufficient skills, someone can make a potent RFID scanner and put it in a brief case or backpack and scan everyone they walk by.

Juggernaut · 03-04-2014, 04:40 PM

Quote:

Originally Posted by Vince-Vell

one thing to stay away from is Wifi on your phone or iPads. This is causing tons of people to get hacked.

Not saying you did or people do, but using wifi at coffee shops etc... is getting peoples info stolen like crazy now. So to be safe use only sage wifi areas like your home.

I am so happy for my Nokia that I bought years ago.

It belongs in a museum but I won't get hacked with that relic.

Sithlord32 · 03-04-2014, 07:46 PM

Quote:

Originally Posted by Snadinator

How's the software on your PC? Everything updated? Java, Adobe? Operating system? Office software? Better yet, disable the java plug-in for your browser if possible.

Yes I have auto update on for everything that I need I don't have any excess programs just basically what I need and use regularly. I never used the Java plug in really I disable it everything in my browser all together so nothing can script and it has to prompt me when something needs it to run. Its a bit annoying but it has saved me in the past.My avast pro also has script blocking.
I keep my TCP ports activity under wraps through CMD. I rarely have more than 2-10 ports open at any given time I dont kn ow if that matters or not but if something dosent drop after a bit like google likes to stay open for longer than it should I shut it down.

Quote:

Originally Posted by Vince-Vell

one thing to stay away from is Wifi on your phone or iPads. This is causing tons of people to get hacked.

Not saying you did or people do, but using wifi at coffee shops etc... is getting peoples info stolen like crazy now. So to be safe use only sage wifi areas like your home.

I have a tablet but I have an alternate email address i use for it and I do not use it to access any private information or purchase anything.Same with my phone. I make calls and text people and us the gps but thats about it.

Quote:

Originally Posted by Snadinator

That is true. I can sit in a cofee shop or hotel with my laptop and run software that would broadcast a wifi access point of the same name but it would be broadcasted much louder. When people search the SSID, they would see my spoofed broadcast and connect to it. I could then re-route your connection to the real wifi and you wouldn't know you are the victim of a man-in-the-middle attack. Meanwhile I am capturing all inbound and outbound packets.

Another is bringing your mobile device to foreign countries. Some countries, like Russia or China, will push malware onto your mobile the second you step off the plane. They can then listen in on all calls, text messages and data use. They can turn your phone into a bug and listen to your surroundings, even if not in use. This is why some high security clearance jobs will not permit you to bring a mobile device on the premises.

If you are going to a country that the five eyes consider "untrusted", it would be best to get a throw away phone... especially if it is for business.

I'd also get an RFID proof wallet or at the very least, make an aluminum sleeve to put your debit/credit cards in. For next to nothing, I can use a cheap RFID scanning tool and scan your credit and debit cards through your pants and wallets, just by walking next to you. With sufficient skills, someone can make a potent RFID scanner and put it in a brief case or backpack and scan everyone they walk by.

Thats just crazy. Too much tech out there with too little know how.

Snadinator · 03-05-2014, 09:47 AM

Quote:

Originally Posted by Sithlord32

Thats just crazy. Too much tech out there with too little know how.

The problem is that people who design technology often only think of functionality and not security.

Did you know Pacemakers can be hacked remotely? There is a fear that someone could walk into a hospital and deliver a lethal shock to a room full of people with a pacemaker.

A friend of mine demonstrated how he could wipe all records at a vetenarian. The vet would implant RFID chips into dogs and scan them when they came in. He took the RFID chip and put in a simple SQL injection command to drop tables. When the vet scanned the dog, he lost all his data. If the one who designed this system considered security, he would have sanitized input before processing it.

The tire sensor on cars to notice when you are loosing air pressure has been demonstrated as an entry point for hackers. DARPA put a video on youtube. They could force the car to steer in any direction, speed up, break, lock doors, open windows etc... Very scary.

Snadinator · 03-05-2014, 09:50 AM

Quote:

Originally Posted by Sithlord32

nothing can script and it has to prompt me when something needs it to run.

With drive-by-downloads, you do not get prompted. Remember, that prompt is just 1's and 0's. It can be bypassed just as any software can.

**Vince-Vell** · 03-05-2014, 11:08 AM

Quote:

Originally Posted by Sithlord32

I have a tablet but I have an alternate email address i use for it and I do not use it to access any private information or purchase anything.Same with my phone. I make calls and text people and us the gps but thats about it.

Its not about using a email on a public wifi, its if you connect to a public wifi you are already hacked. Doesn't have to be a email to get hacked.

So if you go into a coffee shop and use a public wifi, bit its not the coffee shops wifi and someones fake wifi and you connect. They are into your phone and can just sift thru the whole tablet for into like saved web page passwords, your name, address, phone number, CC card info if you got it on there etc...

Just to be safe never used a public wifi, unless you know its 100% safe like a friends house wifi thats locked and secured etc...

Nira-Fan · 03-05-2014, 06:18 PM

Quote:

Originally Posted by Snadinator

So how do you best protect yourself? There is no 100% security but the best defense is keeping all software on your device up to date.

I'd say the best defense is to avoid online banking/ finance as much as possible.

You're right about there being no 100% defense. About a year or two back, I placed a phone-order with Powell's Books. Suddenly the credit card I used got hit with all sorts of spurious charges. Since I hadn't used it at all for a very long time prior to Powell's, it's fairly obvious where the 'breach' happened.

Snadinator · 03-07-2014, 10:09 PM

Quote:

Originally Posted by Nira-Fan

I'd say the best defense is to avoid online banking/ finance as much as possible.

Sure but how plausible is it? Are you going to avoid plastic altogether and pay cash so as to avoid something like the Target breach where memory was scrapped and sent to the criminals? Carrying cash has risks as well.