Argh :( Just had to cancel my card - clever trickery inside

FYI, Barclays give you a free 1yr 3 user install of Kaspersky Internet Security.

Haven't had the misfortune of experiencing this attack but I would normally realise something is up as soon as they ask for more info than normal.
 
This sounds like a "man in the browser" attack.
Basically you are able to inject code into the browser which allows you to change all sorts of things without your knowledge on the fly. Can be connecting to a different site, but telling you that you are connecting to an official site, can also change anything rendered onscreen in realtime. I.e. you want to pay for something, the webpage tells you the price is 50quid, you go to buy, man in browser kicks in and makes a purchase for the 50 quid + another 50 quid. Then it can change the data it is displaying to you on the fly so that it reports that only 50quid has been debited.

I would suggest trying different browsers.

http://en.wikipedia.org/wiki/Man-in-the-browser
 
I swear I've seen a thread almost identical to this on these boards a while back, I think it was Barclays too

There was a thread, it was quite a while ago, it worked by replacing a panel or pane within the window, so Firefox showed the green lock for the window but part of the window had been replaced and was fake.

That was Natwest

[Screenshot: cC1GE.jpg.png]
 
Interestingly something similar happened to me a couple of years ago, again with Barclays. But it didn't ask for the maiden name and CVV (as mine was a current account) but asked for my online PIN number (the one previous to PINsentry but which can still be used if PINsentry doesn't work). It smelt fishy so I checked certificates, padlock, etc, checked AV was ok, and considering this was also on my work computer, I thought it was all legit and carried on.

Got sadly done to the tune of a few £ks despite all that but Barclays were really good and refunded me. Some transfers had been made to a Polish account. Since then, I've seen similar screens at which point I turn off my PC and reboot, despite all sorts of security stuff running.

I wonder if it's especially Barclays' sites that make it susceptible to hacking.
 
Whoa, this is scary, thanks for pointing it out. These scammer scum are making the sites so convincing it's no wonder people get caught out. You caught the scam but after you most likely came 50 people who didn't!

A pity we don't have chain-gangs in this country for the scammer scum and the burglar scum.
 
To be fair alarm bells should have been ringing, even in that Natwest screenshot a few posts up, the format of information it's asking for is very odd; 'Password and Pin - like that: Password-PIN' Seems like a very weird way of asking for your data, which should raise suspicion.
 
To be fair the scam is well done, the URL is right.

That's because this is what's called a man in the browser attack, which modifies the webpage of a legitimate site to ask for extra data (this was covered in Click a few weeks ago).

The OP should use another anti-virus as a majority can't pick up on these kinds of infections.
 
To be fair alarm bells should have been ringing, even in that Natwest screenshot a few posts up, the format of information it's asking for is very odd; 'Password and Pin - like that: Password-PIN' Seems like a very weird way of asking for your data, which should raise suspicion.

What I laughed about in that screenshot is that, towards the bottom, it actually shows a warning against inputting your password and PIN. I assume that's on the unchanged section of page?
 
How do you get these loggers and viruses? Peer to peer? Downloading from sites such as Megaupload (RIP)? Porn sites?

I've not had a problem so far in over 10 years of using a PC as an every day tool. I don't download from sites other than legit places like Steam and Amazon where I'm not connecting to Joe Bloggs' computer.

I do however format and reinstall Windows every 6 months or so.
 
Even the clever folks can get nabbed. I just bought some stuff on eBay an hour ago (multi buy using basket etc) and got an email from ebay.co.uk saying there was an issue with my order and to click here to go and remedy it...

I was reading it thinking "bugger" and it was a few sentences in before my security sense kicked in and I realised it was just a very, VERY well timed co-inkydink spam email with a forged link.

I didn't click it but it just goes to show.
 
Hmm, I'm starting to worry that I might have fallen foul of something similar. A week or two ago I tried to log in to my Natwest account and it said the details were incorrect and that I had to reset it by providing various bits of info. It seemed odd, as it usually lets you make a mistake or two, but I went ahead with it.

Might have to get a new card then... :(
 