[Gllug] how safe is linux against identity thief

- Tethys tethys at gmail.com
Tue Mar 24 11:50:09 UTC 2009


2009/3/24 Lucy Peters <lucypeters at mail.com>:

> My bank account has been compromised recently. They transferred
> funds from my account to people I don't know.

How? Did they pretend to be you using phone banking? Did they walk into
a branch and claim they were you? Did they log into your account via web
banking? If the latter, can the bank confirm that a valid username and
password were used, or did they exploit some weakness in the login process?
If your login and password were used, where have you used them? Only
from your home computer, or have you been to an internet cafe, or used
a friend's or parent's computer? While everyone automatically thinks
that their computer has been cracked in cases like these, in the real
world, social engineering is much more likely to have been involved.

> What else can I install to prevent identity theft from happening again?

If, after that, you're convinced that your machine has been compromised,
and that that's how the attackers have acquired your login details, then
you need to start looking at your machine security. How could attackers
have got hold of your login details? Where are your username and password
stored? Do you have your browser save the password for you (bad idea,
don't do that)? Do you have the password stored in a text file somewhere
on your machine (bad idea, don't do that)? Has your machine been kept up
to date with security patches? Are you using plugins or extensions with
known security flaws (e.g. Adobe's Flash plugin)? How does your machine
connect to the Internet? Could someone have exploited your machine
to gain root access? Or perhaps just access to your account? If so,
how? Did they install a keylogger? Did they have something intercepting
HTTPS POST requests from within the browser? If you're unable to come
up with a complete explanation of how your machine was compromised
(and you've fixed the hole), then a complete reinstall from trusted
media is the only sane option at this point. And to be honest, even
if you think you know what happened and have plugged the hole, I'd be
reinstalling anyway. You don't know what other malicious things they
may have installed while they had access to your machine.

Tet

--
The greatest shortcoming of the human race is our inability to
understand the exponential function -- Albert Bartlett