Posted on 01/14/2007 8:03:39 PM PST by Criminal Number 18F
Cases of online investment account hacking are on the rise.
All it takes is a few keystrokes to wipe out an online investment account, and victims often have little or no recourse.
Now the government agency that oversees brokerages is warning investors to protect themselves.
Just imagine saving your whole life for retirement only to have it vanish. Online investment accounts are the new target of choice for some criminals who wipe out entire accounts sometimes hundreds of thousands of dollars with just a few clicks.
Bob Sullivan from msnbc.com says the perps are getting smarter, "Criminals have upped the ante quite a bit and now they're going after these big retirement accounts."
(Excerpt) Read more at 14wfie.com ...
"Alert
We are temporarily unable to retrieve all your account information. Please try again later, or contact Customer Service for assistance."
Customer Service? I guess the phone lines to Rishikesh are down. A call to the 1-800 number gets a recorded message saying that no account data can be retrieved; maybe in three hours... and a blunt disconnection. A second call gets immediate disconnection.
1-800-421-2110
It's not a scheduled outage, apparently; it's either widespread system failure, or hackers.
I'm going to be running around like a madman in the morning trying to get money into an account that B of A will be expecting to slurp up money from.
The one thing on the website that works is the link to see what "special offers" they have for me -- trying to get me to open MORE accounts with them. As if.
I never wanted to be a Bank of America customer in the first place -- who would? -- but they hunted down and killed my local bank.
I guess I was right not to trust them.
d.o.l.
Criminal Number 18F
weekend nights is a common time for computer systems maintenance.
None of the accounts anywhere will be open tonight or tomorrow (MLK holiday).
These sorts of emails are designed to get sheeple to panic and forward said emails to all of their friends so that they panic, etc.
I was just in my Bank of America account.
For best results:
1. Use Linux. Use a strong login password for your user account, don't let anyone else know it. Never run as root while connected to the internet.
2. Do not run any network services, and do not allow your router to forward to any ports.
3. Keep you keyboard secured when not in use. It is best to store it in a safe.
3. If you're really paranoid, run tripwire software.
All they would get from me is $32.50.
ping
It is about brokerage accounts, not bank accounts
to protect your password, type them into a text file, then when you log in, copy then paste it in. that way a keystroke logger will not get it.
Linux: the desktop's answer to a question yet to be asked.
I've heard from friends that Washington Mutual has good service for a large bank. US Bank, BofA and Wells Fargo are all terrible.
tellers? I haven't used a teller in 15 years.
This is why I hoard cash. And Twinkies.
Any keylogger can also read your plain text file. And if you encrypt the file the keylogger can read you typing your decrypt password.
Moral: Use a good anti-spyware program like your life savings depended on it.
Me, I do all my banking from my Linux computer. My Windows machine is only for things that REQUIRE Windows. For everything else I uses the system that (for whatever reasons, different argument) doesn't attract spyware.
Listened to Kim Komando last night. She got a call from some poor dumb guy who said he entered his personal data into a spam mail that promised a cash advance -- gave them everything they asked for bank account #, personal info, and his SS#!!! She gave him the bad word -- his bank account plus his personal identity had been compromised and told him to contact his bank immediately (of course its a holiday weekend so won't be able to get in touch in person until Tuesday). Said he would probably need to get a new SS# also.
a new SS#? is that even possible.
Go with a credit union if that option is available. Down home service with modestly better returns. And federally insured of course.
> 1. Use Linux. Use a strong login password for your user account, don't let anyone else know it. Never run as root while connected to the internet.
Use Linux: check (FC4). Strong password: check. No root over net: Check -- I use "sudo" for local tasks.
> 2. Do not run any network services, and do not allow your router to forward to any ports.
I can't do that, as I need to log onto my home system from work (three possible external IPs). So I've got SSHD running, and port 22 is forwarded through my firewall to my Linux box. But I run iptables to restrict incoming access on port 22 to only those IPs where I expect I'll be logging in from.
> 3. Keep you keyboard secured when not in use. It is best to store it in a safe.
Heh. Nope, keyboard is open. But I never leave it unattended when logged in.
> 3. If you're really paranoid, run tripwire software.
I've thought about it. Haven't done it yet. The combination of a good hardware firewall and a Linux box is pretty solid.
One you didn't mention: never, ever put your passwords in an unencrypted file. Cleartext password files are like taping a "KICK ME" sign on your back.
Kim said it was, though it was very difficult to do. No doubt he would have to prove his identity was compromised before they would do it.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.