
So your bank has told you your card is compromised

Discussion in 'Computer Security' started by retired1, Sep 6, 2016.

Thread Status:
Not open for further replies.
  1. retired1

    retired1 Administrator Admin Verified Member ECF Veteran

    Supporting member
    Apr 5, 2013
    Texas
    In today's world, card compromises are an all too common occurrence. Many automatically assume that it's an online store that's responsible due to all the news reports of companies that have been compromised. While this may be a possibility, all too often users forget to do the basics when their bank notifies them of a card compromise.

    The very first thing you should do upon being notified is run multiple scans of your computer. Even today, computer infections are a very common source of card compromises. There is malware specifically designed to look for and steal your personal information as well as your banking credentials. And your run-of-the-mill anti-virus programs are very poor at detecting some of the specialized malware programs designed to steal your information. Especially if it's a rootkit.

    So, what should you do?

    First thing to do is run several scanners, the first being Malwarebytes.

    Free Anti-Malware & Internet Security Software

    This is a free program that's very good in detecting common malware infections.

    In addition to Malwarebytes, download and run the following rootkit scanners.

    GMER

    GMER - Rootkit Detector and Remover

    TDSSKiller

    TDSSKiller Download

    Rootkit Buster - (32 bit versions of Windows only)

    Trend Micro RootkitBuster Download

    The problem with rootkits is there are different ways of hiding them on your machine. Unfortunately, there's no "one size fits all" program that can detect all rootkits. This is why it's best to run several scanners just to make sure.

    Hopefully, you'll come up with a clean bill of health after running several scans. So what now?

    Unfortunately, your information that's been stolen can take anywhere from a couple of weeks to several months to show up on sites that sell stolen information. This makes trying to track down the possible source virtually impossible, especially if you tend to use your card regularly.

    The source of the compromise could be anywhere. A skimmer in the teller machine you last used to get cash, a skimmer in the gas pump when you filled up, even Point of Sale terminals are a juicy target for criminals. Once infected, a Point of Sale terminal will cheerfully forward every single card's information to a collection server. Once the crooks decide they've amassed enough information to make the sale worthwhile, they then post the information on sites that specialize in stolen credit card info.

    And to make things even worse, cash teller machines often run on vulnerable versions of Windows. There are thousands of machines out there that still run Windows XP. And we're not just talking about those independent machines you see in a gas station or tucked away in the corner of a mall. There are thousands of teller machines used by banks that haven't been updated yet.

    There's not much you can do about infected PoS terminals. However, if you shop online, there are steps you can take to help protect your information.

    Before you click that "order" button

    If you're cautious and do your homework prior to ordering on the Internet, you can greatly decrease your chances of getting nailed.

    Granted, there's no surefire method of ensuring your information doesn't get stolen short of not using a card and paying cash for everything and disconnecting from the Internet entirely. These days, it's not a question of "if your information gets stolen", but when.
     
    • Like Like x 26
  2. LoriP1702

    LoriP1702 Ultra Member Verified Member ECF Veteran

    Supporting member
    Thank you soooooo much!! @retired1
    Knew about/have/and run Malwarebytes, but unfamiliar with the others you've linked!
    Your service here is INVALUABLE!!!! :wub:
     
    • Like Like x 2
  3. Hitmetwice

    Hitmetwice Ultra Member ECF Veteran

    Jan 18, 2012
    Ontario
    Bookmarked!
    Thank-you Sir!
     
    • Like Like x 2
  4. retired1

    retired1 Administrator Admin Verified Member ECF Veteran

    Supporting member
    Apr 5, 2013
    Texas
    As I'm called upon to check computers for infections on a somewhat regular basis, I took a couple of USB sticks and created a tool set that can be extremely valuable.

    The first one has a myriad of malware scan tools copied to it so all I have to do is plug the drive in and install from the stick.

    The second stick has Hiren's Boot CD installed to it.

    Download Hiren’s BootCD 15.2 | HBCD Fan & Discussion Platform

    If you do ANY type of computer troubleshooting at all, this is an absolute "must have" in your tool kit arsenal.
     
    • Like Like x 6
  5. LoriP1702

    LoriP1702 Ultra Member Verified Member ECF Veteran

    Supporting member
    That's excellent advice. I've seen first hand (at work) that installed programs can become impossible to access or run. :(
    I need to do this!!
     
    • Like Like x 1
  6. DancingHeretik

    DancingHeretik Dancing in the Chaos Verified Member ECF Veteran

    Supporting member
    Mar 20, 2011
    San Antonio, TX
    I'm running on Linux. Is there something special I should use? I assume all the others were for Windows, right?
     
    • Like Like x 3
  7. r77r7r

    r77r7r ECF Guru ECF Veteran

    Feb 15, 2011
    Pa,LandOfTaxes
    I got several things listed after a quick scan using GMER. Doesn't prompt me as to what to do with them tho......
     
    • Like Like x 2
  8. r77r7r

    r77r7r ECF Guru ECF Veteran

    Feb 15, 2011
    Pa,LandOfTaxes
    Trend rootkit buster doesn't run for win7 64....
     
    • Like Like x 2
  9. retired1

    retired1 Administrator Admin Verified Member ECF Veteran

    Supporting member
    Apr 5, 2013
    Texas
    For Linux, the choices are a bit more challenging as there are no auto removal tools. You'll either need to know how to remove such things manually, or be prepared to do a nuke and pave and start over from scratch.

    Three tools to scan a Linux server for Malware and Rootkits

    Did it say there was rootkit activity found? Or was it just listing what it checked?

    From the download page:

    Windows XP/Vista/7/8
    Can only be used on 32-bit operating systems.
     
    • Like Like x 4
  10. r77r7r

    r77r7r ECF Guru ECF Veteran

    Feb 15, 2011
    Pa,LandOfTaxes
    No popup window type alert. Just a list of about 20 things on the board after it finished. I highlighted and right clicked, but no delete options available. Saved to clipboard.
     
    • Like Like x 2
  11. retired1

    retired1 Administrator Admin Verified Member ECF Veteran

    Supporting member
    Apr 5, 2013
    Texas
    It's just telling you what it checked. That's all. If it had found something, you'd immediately know due to the warnings and red text.
     
    • Like Like x 3
  12. r77r7r

    r77r7r ECF Guru ECF Veteran

    Feb 15, 2011
    Pa,LandOfTaxes
    Has anyone told you that you're awesome today?
     
    • Like Like x 5
  13. Hitmetwice

    Hitmetwice Ultra Member ECF Veteran

    Jan 18, 2012
    Ontario
    Even us pottymouth guys appreciate The Retired1. Thanks Retired1.
     
    • Like Like x 4
  14. Katdarling

    Katdarling Bling Kween and spreadsheet monster. ;) Verified Member ECF Veteran

    Supporting member
    Jan 25, 2011
    Utopia
    Watchin'!

    (Thank you, R1)
     
    • Like Like x 2
  15. r77r7r

    r77r7r ECF Guru ECF Veteran

    Feb 15, 2011
    Pa,LandOfTaxes
    Ouch, my pc didn't like doing these. I got BSOD. I System Restored it. All good.
     
    • Like Like x 2
  16. retired1

    retired1 Administrator Admin Verified Member ECF Veteran

    Supporting member
    Apr 5, 2013
    Texas
    You may want to do more digging. A BSOD during a rootkit check is an indicator that not all is well.

    Run this one.

    Anti-Rootkit BETA - Free Rootkit Scanner & Remover
     
    • Like Like x 4
  17. r77r7r

    r77r7r ECF Guru ECF Veteran

    Feb 15, 2011
    Pa,LandOfTaxes
    Came up with nothing. All good. Maybe I wasn't clear that the BSOD happened shortly After the initial scans??

    TY, all good here.
     
    • Like Like x 2
  18. bnrkwest

    bnrkwest Vaping Master Verified Member ECF Veteran

    Sep 6, 2011
    Somewhere out there
    Thanks for all the help! I have this now plus a bunch of others you suggested and feel much better :)
     
    • Like Like x 1
  19. bnrkwest

    bnrkwest Vaping Master Verified Member ECF Veteran

    Sep 6, 2011
    Somewhere out there
    I have McAfee right now but am thinking about using the Kaspersky free version. Is it a better anti-virus program?
     
    • Like Like x 1
  20. retired1

    retired1 Administrator Admin Verified Member ECF Veteran

    Supporting member
    Apr 5, 2013
    Texas
    What version of Winderz?
     
    • Like Like x 1