Question:
Found out from mbna tonight that someone tried to buy stuff for £70 on the internet the other day using my card details, the transaction was declined, even though they were first successful in a transaction for a pound!
MBNA told me the name of the site and I was staggered to realise that I had been on the site for the first time ever the night before the hit! I was on it for afew mins, did not register and did not buy anything. it is a really weird coincidence. it is not a site that eveyone would be interested in I did a scan for virus tonight and mcaffe found amultdropper-pc trojan, and some adware, i have removed both. surely these on their own would not be able to get my details. could I have another trojan or keylogger on my pc? really worried now, and am considering restoring pc. I have my card and do not let it out of my sight, also PC has been doing strange things like going to web pages that I have not visited for ages all by itself!!
Answers:
A trojan would be enough for a user to manually retrieve credit card details. If they know what they're doing and not script kiddies, it's not an unreasonable thing to suggest....
Trojans sometimes have keyloggers in built too as well ya see. I would suggest formatting your pc for complete safety however. After something like that, a comeplete re-format is the safest way to be sure your clean.
Sorry to hear about the act. Hope the guy that did it gets seriously injured somehow soon
Answers:
I'd do some online scans, install antispyware software, and make sure you are patched.
if you did not register and enter credit card details, it is probably coincidence. It may not be connected to your PC at all.
Do have have mcafee running all the time, and if so is it upto date?
there is a recent update 21/3 to the virus definitions, so there may be a new variant out..
run the latest dat from to patch
Answers:
Really sorry to hear about this shoperholicnot !
I am afraid this is not just a coincidense and I would agree that the best way to clean the PC is format . Some trojans penetrate so deep in the system that it is extremely difficult to be removed (they mess up with Windows Registy s even after removal they still have control)
I would suspect you are using Internet Explorer and might missing a few critical updates...
What happens is that a lot of personal information is stored in your browser's cache , especially if you are using autocomplete -- all this info may be disclosed to the "weird sites" one can visit.
Good luck !
Answers:
Interesting article
"The wave of zero-day attacks against a gaping hole in Microsoft's Internet Explorer browser appears to have subsided, but in the absence of a patch, security experts warn that the risk remains significant.
ADVERTISEMENT
During the weekend of March 25-26, malware hunters discovered more than 200 unique URLs using the unpatched IE flaw to launch drive-by downloads of bots, spyware, back doors and other Trojan downloaders.
However, according to Microsoft's security response personnel, the attack pattern has leveled off. "
BEWARE OF IE !!!
Answers:
Interesting article
"The wave of zero-day attacks against a gaping hole in Microsoft's Internet Explorer browser appears to have subsided, but in the absence of a patch, security experts warn that the risk remains significant.
ADVERTISEMENT
During the weekend of March 25-26, malware hunters discovered more than 200 unique URLs using the unpatched IE flaw to launch drive-by downloads of bots, spyware, back doors and other Trojan downloaders.
However, according to Microsoft's security response personnel, the attack pattern has leveled off. "
BEWARE OF IE !!!
No make sure your systems are up to date with AV software and security patches...
Answers:
Firstly run an online virus scan - I see another MSE'er has already kindly included the links If they come up clean then you have no KNOWN virus on your system. If you have a virus then contcat your AV vendor for help in removing it if you're in any doubt. After removing then RESCAN with the online virus scan. I would recommend re-installing your AV software if anything got past it though as a virus usually attacks your AV software once it's got in. You might also want to consider an AV software that updates their deifnitions a little more regularly... 21/3 is 8 days ago... On average 100-200 new viruses or variants are found, analysed and added to scan engines every day... Anyone else see a slight issue of yours only updates once a week?
To keep your card details safe ALWAYS check the website you enter card details on starts HTTPS:// and not just HTTP:// (the S stands for secure).
If in doubt then report the website you suspect you got the virus from to your AV software support and they can investigate it further to see if there is malicious script running somewhere
Answers:
You might like to run HiackThis and see if anything appears in the HOSTS section, just below the "Running Processes" list. That's where these password stealers can appear.
However, a reformat would work if you can stand it. Just make sure you save any precious documents, images etc. before you do it.
Answers:
Thanx everyone
I left my pc on last nite and everything was running ok and when i got up this morning mcaffe had found and deleted a file Ao31889.exe or something like that, this was when I was asleep so there is definite activity going on when I am not at PC did a housecall scan and it found loads of files but froze when trying to delete . \i am doing the scan again and will cleans the items, then I am going to do a Hijackthis scan and mcaffe agin. I think that I will probably still have to reformat. also while Housecall was scanning, mcaffe found exploit-obscured html which it says is a trojan but it did not find this yesterday? there is def alot of dangerous cr*p on my pc and I dont think the website thing was a coincidence to be honest. just cant understand how this junk got my pc in the first place.. I hate reformatting
Answers:
Can't they trace the person that tried to purchase something? or an address to where they wanted the stuff delivering to? Don't you think you should cancel that card and get a new one?
Also you prob should change your passwords to things on your pc that you use as if they got those details they will probably have every other password that you use on things. And prob change them all again once you've sorted it out
Answers:
Can't they trace the person that tried to purchase something? or an address to where they wanted the stuff delivering to? Don't you think you should cancel that card and get a new one?
Hi Lady K
MBNA were suspicious because of the £1 transaction, the person, 1 min later, then tried to purchase £70 worth of cosmetics! (they must have a face like a back of a bus) MBNA declined the transaction and contacted me, I am very impressed. MBNA are investigating and will no doubt be contacting the site for all this info, my card is cancelled and they are sending me a new one. I am still worried because i have done all my online banking on etc pC and scared as to what info is available to scammer... I feel like my every move on pc may be being noted and it is a horrible feeling
Answers:
Yes it must feel terrible I'd be worried too. Luckily though as you say the MBNA have acted very quickly it is impressive thank goodness. They will be experienced with this sort of thing though so I would imagine they would answer your concerns and advise you. I buy all my stuff on the net too. I wonder why they brought something for £1 to test the card probably.
Hehe I laughed at the back of a bus thing
Hope it gets sorted out fast anyway
Good Luck!
Answers:
if you didn't enter your credit card details into the specific website, and the website is a legit website, then it must be coincidence.
could you specify exactly which viruses are being found, if they aren't keyloggers, then it unlikely to be a hacked PC. Most keyloggers leave a text file behind with the details of what they are logging.
Just change you banking password, on a diff pc if possible.