# Barclays online banking! BEWARE!!!



## Mark Evans (23 Jul 2010)

for people using Barclay's online banking and pin sentry, beware. If you've entered your details via the pin sentry and then asked to enter more due to IP address verification...don't do it!!!!

Even if you go to the genuine site, they can still gain certain bits of info.

I've been hacked. Thankfully, my account is now blocked and safe.


----------



## arty (23 Jul 2010)

Simply look always on address bar in explorer, if You see any other link not direct bank then that is fake-hack link. A lot of tricks about redirecting, cookie thieft e.g. Sometimes only differ 2 symbols in internet address and You are under risk.
Never give any private data, banks never request personal data or account data via online.

Best Regards,


----------



## Mark Evans (23 Jul 2010)

arty said:
			
		

> Simply look always on address bar in explorer,



that doesn't work. I went through the whole process with barclays fraud department, and they were amazed that it still happens when visiting the official site. typing the actual web address into the banner.


----------



## Themuleous (23 Jul 2010)

Nasty, worth remembering.  Thanks for the heads up.

Sam


----------



## arty (23 Jul 2010)

saintly said:
			
		

> arty said:
> 
> 
> 
> ...




realy good hackers. that someting like i tried wi-fi hacking from guide under Linux, reconect client direct to Yours server and all data going trough my pc and i can filter out everything from client.
try to setup firewall and check Yours wi-fi if You use wi-fi 
But hackers are genius, every day something new, 1 people think about defending and millions about hacking 

Best Regards


----------



## Stu Worrall (23 Jul 2010)

sounds like a zbot variant trojan.  we had one on a laptop in work this week that i fixed and RBS actually told the user he had it and he logged a call.  

It injects extra html like "social security number" or "pin" alongside your password into kosher webpages via your own internet explorer which is quite a nasty little trick.   glad yours got caught mark


----------



## Mark Evans (23 Jul 2010)

stuworrall said:
			
		

> glad yours got caught mark



me to mate.

Apparently, it might of come through on a rogue mail or something. where they read your computer, IP address etc, then when you login, they activate the 'new page' requesting you to re enter the card into pin sentry. Barclay's say, even if successful they cant get entry to your account because every new code is individual. 

their clever all right.


----------



## arty (23 Jul 2010)

If hacker know Yours IP that nothing gives. But if know IP and in Your computer present trojan-small server what sends info then probably is big problem and does not matter from links or emails.
Best option use some good firewall and check outcoming requests.


----------



## AverageWhiteBloke (29 Jul 2010)

This may come in handy http://www.trusteer.com/ HSBC uses it although it can be used on other sites I've tried. Its a browser plugin that makes sure any details you login with are wiped on exit, it also stores information on when and where you logged in from so you can see if someone tried to login from another PC other than your own( this may only work if your bank is supported) and even better it will only let you login to the site you set so if the site changes it warns you that its not the same site as last time. It even knew after HSBC overhauled the online banking  was different and warned me even though it was the genuine site.

And its free maybe worth a try


----------

