On-Line banking

All Gurus once were Newbies
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Please stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions prefer the other forums within the support section.
Before you post please read how to get help
User avatar
lsemmens
Level 8
Level 8
Posts: 2353
Joined: Wed Sep 10, 2014 9:07 pm
Location: Rural South Australia

Re: On-Line banking

Post by lsemmens » Wed Mar 28, 2018 9:15 am

The problem with purchasing details on the *web is that often you see No return for your money. Say, I spend $500 on an account supposedly worth $5,000 and I find that I get nothing in return, who am I going to report it to?

One of the articles also stated that the compromised accounts were from phishing emails. like "Click here to verify your....." Some people fall for it. I've been online banking for decades (nearly 3 of 'em) and most of them were with WIndoze. Some simple rules for windoze - Ensure the system is up to date and a good anti virus and anti malware program are up and working. NEVER store your banking details (including bookmarks) and password on, or even near your computer (that includes always typing your bank address inot the browser every time). NEVER visit those 'norty' sites where you might come away with something nastier than you went in with. NEVER use the same password for your banking as anything else. NEVER open those unsolicited e-mails purporting to be from your bank asking you to "click here". If the e-mail is legit I can easily find out just by logging on to my banking site and checking their onine messanging system. Clear your cache and cookies after every session. I think that about covers it. Admittedly I hardly have more than a few dollars in my accounts at any one time, (except on pay day of course) but I've not ever been "hacked".

You stand more chance of getting robbed at *point if you hang around the seedier parts of town just as you stand a greater chance of being hacked if you don't follow basic security procedures. Just 'cause you use linux does not preclude you from making silly mistakes.
Kernel: 4.15.0-46-generic x86_64 bits
Desktop: Cinnamon 3.8.9
Distro: Linux Mint 19 Tara

Laptop HP-ProBook-470-G2 8Gb RAM SSD
Server AMD Phenom 9650 - GEForce 9400GT 6Gb RAM
+ three other Mint machines
Out of my mind - please leave a message


User avatar
Pepi
Level 5
Level 5
Posts: 882
Joined: Wed Nov 18, 2009 7:47 pm

Re: On-Line banking

Post by Pepi » Wed Mar 28, 2018 8:53 pm


User avatar
AZgl1500
Level 10
Level 10
Posts: 3486
Joined: Thu Dec 31, 2015 3:20 am
Location: Oklahoma where the wind comes sweeping down the plains
Contact:

Re: On-Line banking

Post by AZgl1500 » Tue Jun 19, 2018 11:52 pm

sigh..............

I read these stories about not doing any transactions online, and I have always used a password manager, and do EVERYTHING ONLINE and have done so since the sun first circled the internet.

I have never once, had a problem doing so.

my only problems have been having a credit card copied by a cash register operator who then went straight out and bought something for $5,000 and the bank denied it as being "atypical" for my habits.

they then called me on the phone and we talked, and I thanked them, and went on.

User avatar
I2k4
Level 5
Level 5
Posts: 591
Joined: Thu Feb 02, 2012 8:33 pm

Re: On-Line banking

Post by I2k4 » Wed Jun 20, 2018 12:51 pm

AZgl1500 wrote:
Tue Jun 19, 2018 11:52 pm
sigh..............

I read these stories about not doing any transactions online, and I have always used a password manager, and do EVERYTHING ONLINE and have done so since the sun first circled the internet.

I have never once, had a problem doing so.

my only problems have been having a credit card copied by a cash register operator who then went straight out and bought something for $5,000 and the bank denied it as being "atypical" for my habits.

they then called me on the phone and we talked, and I thanked them, and went on.
Same here. I don't know how many worriers think they are avoiding the internet by going to a bank branch (some still using Win XP) or using ATMs. I started with ATMs when they first appeared in Canada, and my US engineer brother warned against them - refused to have anything to do with electronic financial networks until 2006, when burglars broke into his house while he was on a honeymoon, and stole the safe with all his stock and bond certificates. Never found - took months to clean that up.
TRUST BUT VERIFY any advice from anybody, including me. M18.3 XFCE (Dell 1520) 64 bit. Dual booting M19.1 XFCE / W7 (Acer netbook) and M19.1 Cinnamon / W7 (Lenovo desktop) 64 bit. Persistent live USB pretesting M19.2 Cinnamon and XFCE.

KMHGeorge
Level 1
Level 1
Posts: 3
Joined: Sat Jun 16, 2018 4:26 pm

Re: On-Line banking

Post by KMHGeorge » Thu Jun 21, 2018 7:24 pm

:D Thanks to everyone for their suggestions. I do need to go on-line to take care of my banking needs. Even in Windows, I never had a security issue thank goodness.

KMHGeorge

User avatar
michael louwe
Level 10
Level 10
Posts: 3297
Joined: Sun Sep 11, 2016 11:18 pm

Re: On-Line banking

Post by michael louwe » Sun Apr 14, 2019 12:58 pm

An investigative series I’ve been writing about organized cyber crime gangs stealing millions of dollars from small to mid-sized businesses has generated more than a few responses from business owners who were concerned about how best to protect themselves from this type of fraud.

The simplest, most cost-effective answer I know of? Don’t use Microsoft Windows when accessing your bank account online.
https://krebsonsecurity.com/banking-on-a-live-cd/
.
.
Today, we’ll look at the stranger-than-fiction true tale of an American firm that lost $197,000 in a remarkably similar 2013 cyberheist, only to later recover most of the money after allegedly plying Chinese authorities with a carton of cigarettes and a hefty bounty for their trouble.
U.S. consumers who bank online are protected by Regulation E, which dramatically limits the liability for consumers who lose money from unauthorized account activity online (provided the victim notifies their financial institution of the fraudulent activity within 60 days of receiving a disputed account statement).

Businesses, however, do not enjoy such protections.
https://krebsonsecurity.com/2015/08/cyb ... -for-cash/
.
.
Limit to customer liability
https://en.wikipedia.org/wiki/Electroni ... ansfer_Act
.
.
Who is liable for money lost when fraud occurs in a customer’s bank account or card through illegal access/use of ATM or any of the Digital Channels (Internet Banking, Mobile Banking, Payments, E-wallets, etc.)? The answer depends on the country where the account is being operated.
https://financialit.net/blog/fraud-mana ... al-banking

TI58C
Level 4
Level 4
Posts: 354
Joined: Tue Jul 18, 2017 5:57 am

Re: On-Line banking

Post by TI58C » Sun Apr 14, 2019 1:09 pm

For what it's worth,

Have used my mint for internet banking since mint 13. Also do my taxes online with the same system, somewhat hardened browser.
Never the slightest problem. Watch out for phishing in your mail. Do not just click on any link. Especially if that link seems to lead to your bank. Open browser and enter adress. Common sense like that. Even my bank (major Dutch bank), considers this safe enough and have told me so in an email a few years ago.


Robert
Linux is like my late labrador lady-dog: loyal and loving if you treat her lady-like, disbehaving princess if you don't.

User avatar
michael louwe
Level 10
Level 10
Posts: 3297
Joined: Sun Sep 11, 2016 11:18 pm

Re: On-Line banking

Post by michael louwe » Sun Apr 14, 2019 2:43 pm

TI58C wrote:
Sun Apr 14, 2019 1:09 pm
Never the slightest problem. Watch out for phishing in your mail. Do not just click on any link. Especially if that link seems to lead to your bank. Open browser and enter adress. Common sense like that. Even my bank (major Dutch bank), considers this safe enough and have told me so in an email a few years ago.
.
It also depends on who are the people/entities doing the online banking.

Hackers of online banking usually go after high-value targets, eg businesses, millionaires and rich folks. Similarly for the targeting by ransomware hackers. Average income earning workers, those who live paycheck to paycheck and poor folks should be safe from such hackers, even if they are Windows users who foolishly got infected by online banking malware since their online banking accounts seldom exceed US$10,000.

In the old days, robbers, burglars and kidnappers-for-ransom had also usually targeted banks, gold jewellery shops, businesses, millionaires and rich folks.

So, those high-value targets who are often in the line-of-sight of such hackers should take extra precautions, even if they are using Linux systems.

User avatar
Pjotr
Level 21
Level 21
Posts: 13250
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: On-Line banking

Post by Pjotr » Sun Apr 14, 2019 3:01 pm

michael louwe wrote:
Sun Apr 14, 2019 2:43 pm
TI58C wrote:
Sun Apr 14, 2019 1:09 pm
Never the slightest problem. Watch out for phishing in your mail. Do not just click on any link. Especially if that link seems to lead to your bank. Open browser and enter adress. Common sense like that. Even my bank (major Dutch bank), considers this safe enough and have told me so in an email a few years ago.
.
It also depends on who are the people/entities doing the online banking.

Hackers of online banking usually go after high-value targets, eg businesses, millionaires and rich folks. Similarly for the targeting by ransomware hackers. Average income earning workers, those who live paycheck to paycheck and poor folks should be safe from such hackers, even if they are Windows users who foolishly got infected by online banking malware since their online banking accounts seldom exceed US$10,000.
That's nonsense. Ransomware doesn't make a distinction between poor and rich.
Tip: 10 things to do after installing Linux Mint 19.2 Tina
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

User avatar
michael louwe
Level 10
Level 10
Posts: 3297
Joined: Sun Sep 11, 2016 11:18 pm

Re: On-Line banking

Post by michael louwe » Sun Apr 14, 2019 11:46 pm

Pjotr wrote:
Sun Apr 14, 2019 3:01 pm
That's nonsense. Ransomware doesn't make a distinction between poor and rich.
.
Yes, but it is usually the rich who has to pay the ransom, eg businesses, because they can't afford to lose their vital data or suffer lengthy system downtime for doing recovery. The poor usually does not pay the ransom, eg ordinary home-users = they just reinstall their OS and restore their data from backups or make do without the lost data.
....... Would you be paying the ransom if you are hit by a ransomware.?
.
.
US hospital pays $55,000 to hackers after ransomware attack. Hancock Health paid up despite having backups available.
https://www.zdnet.com/article/us-hospit ... operators/
.
.
Officials from the city of Valdez, Alaska have admitted last week to paying $26,623.97 to hackers after the city's IT network was crippled by a ransomware infection in July.
https://www.zdnet.com/article/city-of-v ... infection/
.
.
NonPetya ransomware forced Maersk to reinstall 4000 servers, 45000 PCs. The shipping giant has suffered millions of dollars in damage due to the ransomware attack.
https://www.zdnet.com/article/maersk-fo ... ya-attack/

TI58C
Level 4
Level 4
Posts: 354
Joined: Tue Jul 18, 2017 5:57 am

Re: On-Line banking

Post by TI58C » Mon Apr 15, 2019 7:01 am

@Michael Louwe,

Agree with Pjotr. But, being a linux user, ransomware is NOT one of my prime worries when internet-banking. Biggest problem is buying something online. A lot of the online-shops have very bad/vulnerable sites that are hacked on a regular basis. In The Netherlands, we hav a system that's called iDeal. When you buy something at a webshop and use this iDeal, the shop will automatically send you to the site of your bank. There you can do normal login and find the payment statement ready, so that you only have to confirm it. But if some criminal does a Mitm attack, I could give my bank an OK to pay say 10 Euro's to shop x, but they could change that. So I find I have actually paid 1000 euro's to some criminal in a country that doesn't care. And as for you Americans paying by credit-card, the problem of stealing your card-credentials and using them is exactly the same.

For these crims, taking a lot of relatively small amounts of money readily brings in millions.

And, by the way: I am one of those "poor" people. Have some savings in a separate account, but my normal account rarely holds more than 2000 euro's. But losing that amount of money would be a heavy blow to me, Lucky that our Dutch laws are rather strict. In case of fraud, banks will compensate IF YOU ACTED RESPONSIBLY (regular checking of accounts, software up-to-date etc). That was a major reason for me to install 19.1 as my old 17.3 soon will be out of support and therefore not useable for internet-banking.

robert
Linux is like my late labrador lady-dog: loyal and loving if you treat her lady-like, disbehaving princess if you don't.

User avatar
Faust
Level 4
Level 4
Posts: 497
Joined: Thu Jul 14, 2016 3:40 am

Re: On-Line banking

Post by Faust » Mon Apr 15, 2019 8:19 am

Ransomware has been mentioned in some posts here , so if you are unfortunate enough to be a victim ,
could I offer some advice ?

DO NOT PAY !

First get in touch with Fabian Wosar who has a thread running over at Malwaretips called " Ask me anything "

The man detests ransomware , and he is dedicated to cracking every variety he encounters , and he is always willing to help .
I reckon he eats it for breakfast .

He has had such an impact on the bottom-feeders who create this bilge that they are actually hiding personal messages to him ,
buried in their code ..... I'm not making this up .
He has had to move to another country because of these "delightful " people .

The BBC website had an excellent article about him a few weeks back .... fantastically good reading !
" And so it goes " - Kurt Vonnegut
The modern reality and the satirical parody are rapidly converging .

TI58C
Level 4
Level 4
Posts: 354
Joined: Tue Jul 18, 2017 5:57 am

Re: On-Line banking

Post by TI58C » Mon Apr 15, 2019 8:54 am

Do not want to be rude. But:

Who gives a shit about ransomware with linux mint, timeshift, and backup-tool ? Just do clean install and restore your home-backup. It is not worth the time of thinking about it. Provided that you did have a good backup-scheme.

Topic was and is "on-line banking".

Robert
Last edited by TI58C on Mon Apr 15, 2019 9:02 am, edited 1 time in total.
Linux is like my late labrador lady-dog: loyal and loving if you treat her lady-like, disbehaving princess if you don't.

User avatar
michael louwe
Level 10
Level 10
Posts: 3297
Joined: Sun Sep 11, 2016 11:18 pm

Re: On-Line banking

Post by michael louwe » Mon Apr 15, 2019 8:57 am

TI58C wrote:
Mon Apr 15, 2019 7:01 am
Biggest problem is buying something online.
.
Europol said the Carbanak gang —also known as Cobalt— had carried out over 100 hacks across 40 different countries, stealing over €1 billion ($1.24 billion), with a hack average of €10 million ($12.4 million) per heist. ...

All attacks would start with hackers sending spear-phishing emails to their targets. Emails used domain spoofing to impersonate legitimate business partners or collaborators and contained a file attachment with malicious software.

Attackers usually relied on infecting one target and then spreading to the rest of the internal network, looking for computers that had access to software used for managing the target's funds. This included software that controlled ATMs, bank accounts, money transfers, and more.
Hackers had three ways of stealing money

Once they gained access to these systems, hackers choose one of three methods of stealing money.

The first was to coordinate with money mule groups and make ATMs spit out cash at a predetermined hour and day. Money mules would pick up the funds, some of which would end up back with the Carbanak group after intermediaries took their cuts.

Second, the Carbanak group would transfer money from legitimate accounts to the ones they or their money mules owned, who would then empty accounts at ATMs, or use the accounts to buy expensive products and launder the money.

Third, crooks would use their access to the bank's internal network to artificially inflate the money balance of accounts created by money mules in advance, without transferring funds from other accounts. Same as before, money mules would empty accounts as soon as possible.
https://www.bleepingcomputer.com/news/s ... -in-spain/ - March 26, 2018
.
Hackers have also targeted the banks themselves with online banking malware = the hackers were able to secretly commandeer the banks' internal banking control software over their ATMs, online banking accounts, etc = it was a hit-n-run operation, in order to evade the cyberpolice.
....... In the above Second method of fraud, the hackers can transfer a few hundred thousand US$ from a rich person's or business's online banking account to their own account overseas = no need any online interaction(= no need password, MFA, verification token, dual person authorization, etc) from the victim = the use of a more secure Linux computer by the victim for online banking becomes moot. The hack attacks will victimize a number of such victims at the same time = netting US$ millions for the hackers and their mules. Then the hackers move on to target another bank elsewhere.

So, rich folks and businesses need to be very careful and vigilant with their online banking, eg have separate bank accounts, limit transaction amount, etc. Average and poor folks doing online banking are usually quite safe.
Last edited by michael louwe on Mon Apr 15, 2019 9:15 am, edited 1 time in total.

TI58C
Level 4
Level 4
Posts: 354
Joined: Tue Jul 18, 2017 5:57 am

Re: On-Line banking

Post by TI58C » Mon Apr 15, 2019 9:04 am

@michael louwe,

please take your paranoid fantasies somewhere else....

Robert
Linux is like my late labrador lady-dog: loyal and loving if you treat her lady-like, disbehaving princess if you don't.

User avatar
michael louwe
Level 10
Level 10
Posts: 3297
Joined: Sun Sep 11, 2016 11:18 pm

Re: On-Line banking

Post by michael louwe » Mon Apr 15, 2019 9:11 am

'Hand of Thief' banking Trojan reaches for Linux – for only $2K
'Early sign of Linux becoming less secure,' says infosec bod
By John Leyden 8 Aug 2013
https://www.theregister.co.uk/2013/08/0 ... ng_trojan/

TI58C
Level 4
Level 4
Posts: 354
Joined: Tue Jul 18, 2017 5:57 am

Re: On-Line banking

Post by TI58C » Mon Apr 15, 2019 9:16 am

Yes, everything is possible.

And if you want to be extra-careful, you can start from usb-stick with a minimal tinycore and up-to-date-extra-hardened browser.
Checking certificates is always a good idea too.

But please...can we stick to a realistic threat-assesment ?

Robert
Linux is like my late labrador lady-dog: loyal and loving if you treat her lady-like, disbehaving princess if you don't.

deepakdeshp
Level 15
Level 15
Posts: 5665
Joined: Sun Aug 09, 2015 10:00 am

Re: On-Line banking

Post by deepakdeshp » Mon Apr 15, 2019 9:23 am

TI58C wrote:
Mon Apr 15, 2019 9:16 am
Yes, everything is possible.

And if you want to be extra-careful, you can start from usb-stick with a minimal tinycore and up-to-date-extra-hardened browser.
Checking certificates is always a good idea too.

But please...can we stick to a realistic threat-assesment ?

Robert
Isn't realistic subjective? What one feels realistic, somebody else feels unrealistic
If I have helped you solve a problem, please add [SOLVED] to your first post title, it helps other users looking for help, and keeps the forum clean.
Regards,
Deepak

I am using Mint 19.2 Cinnamon 64 bit with AMD A8/7410 processor . Memory 8GB

User avatar
michael louwe
Level 10
Level 10
Posts: 3297
Joined: Sun Sep 11, 2016 11:18 pm

Re: On-Line banking

Post by michael louwe » Mon Apr 15, 2019 11:43 am

TI58C wrote:
Mon Apr 15, 2019 9:04 am
@michael louwe,

please take your paranoid fantasies somewhere else....
.
A millionaire like Linus Torvald should be paranoid about online banking frauds or of being cyber-robbed if he does online banking.
....... Average and poor folks like yourself, have mostly nothing to worry about.

I was mostly just providing some linked news reports about online banking malware and frauds, a FYI, especially for rich folks and business-persons.

Post Reply

Return to “Newbie Questions”