Please help us with a fraud situation
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
|||||||||||||||||||||||||
|
Posted by on May 27, 2008, 11:06 pm
Please log in for more thread options We had some identity thefts situations with our credit cards and Bank accounts. People using our credit cards and writing checks against our account. How can I set up a really secure internet connection in my home ? I use a Windows XP - wireless laptop to access the internet I have in my home. We use Comcast cable. We have a WPA secure internet. We use a Netgear Rangemax MIMO and the Comcast modem. Somehow some people have managed to get both our credit card numbers and bank account numbers and even driving license number. I use this internet to access all our bank accounts etc. Because of the fraud that occurred, we want to make sure that we have a really secure internet connection. What additional hardware, software etc do I need, if any ? Since I am not a techie, pls help me with as much detail as possible. Thanks in advance for your help, Irfan Smith | |||||||||||||||||||||||||
|
Posted by ps56k on May 28, 2008, 12:32 am
Please log in for more thread options People always point to the Internet when bad things happen... We had our Chase account compromised a few years ago - Had nothing to do with Internet, but person used stolen checks from other mailboxes (reported), deposited into our account with cash back...but not caught. Anyway - just think about all the places someone has your "info". - credit cards when you hand them to someone at a food place - checks at the grocery store, or anywhere you pay by check - driver lic for some ID written down - maybe even on check and NONE have anything to do with the Internet | |||||||||||||||||||||||||
|
Posted by Worn Out Retread on May 28, 2008, 9:26 am
Please log in for more thread options > People always point to the Internet when bad things happen...
> > We had our Chase account compromised a few years ago - > Had nothing to do with Internet, > but person used stolen checks from other mailboxes (reported), > deposited into our account with cash back...but not caught. > > Anyway - just think about all the places someone has your "info". > - credit cards when you hand them to someone at a food place > - checks at the grocery store, or anywhere you pay by check > - driver lic for some ID written down - maybe even on check > > and NONE have anything to do with the Internet Our only problem with this kind of thing happened because of the old system of using carbon paper between slips for credit cards. The retailer didn't properly dispose of the carbons and neither did any of the other retailers in the mall. Crooks went dumpster diving for the slips and then tried to take advantage of the credit card numbers. Luckily, they were dumb as knobs because they went to our bank to try and cash a cheque but the tellers all knew us and knew immediately that the persons trying to pass themselves off as us were crooks....case solved rather quickly. We did however have to keep an eye on all of our accounts and the bank and credit card companies questioned every purchase that we made for the next year. -- Ron P If we are what we eat then: I'm fast, cheap and easy and past my best before date | |||||||||||||||||||||||||
|
Posted by Jeff Liebermann on May 28, 2008, 12:37 am
Please log in for more thread options On Tue, 27 May 2008 20:06:14 -0700 (PDT), irfansmith@gmail.com wrote:
>Please help us with a fraud situation
I don't see anything resembling fraud. More like common sense and internet security setup. If this sounds like blame the victim, I appologize, but if your surfing and security practices are lacking, you are as big a part of the problem as the typical hacker. >We had some identity thefts situations with our credit cards and Bank
>accounts. >People using our credit cards and writing checks against our account. There are plenty of ways to get that info without involving the internet. Most commonly, it's a theft of credit card data from some idiot vendor that leaves the data on their web site. Having a virus or trojan horse on your computer, that sends "interesting" files back to the evil hackers, is also quite common. Lots of others. Hopefully, you have a clue how it happened or who leaked the data. >How can I set up a really secure internet connection in my home ?
Yes. WPA2-PSK-AES encryption is about as secure as it gets. However, that requires a shared key, which can easily be leaked if some evil person has access to one of the computahs. To prevent that, you can install a RADIUS server to provide a one-time encryption key along with an extra login and password. Incidentally, one of my friends got ripped off via identity theft. I trashed a nice dinner by literally pounding the concept of NOT using the same password for every account she was using. A month later, she was moaning that it was too difficult to remember all the passwords, so she just wrote them on a ledger pad and hung it on the wall of her office. Moral: You gotta understand how security works in order to be fairly safe. >I use a Windows XP - wireless laptop to access the internet I have
>in my home. Any particular model wireless router? Are you using WPA2 encryption with a fairly obscure and non-dictionary password? <http://wireless.wikia.com/wiki/Wi-Fi_How_To#Secure_a_wireless_network>
>We use Comcast cable.
Comcast uses DOCSIS with BPI (Baseline Privacy Interface). That's quite safe from sniffing. >We have a WPA secure internet. We use a Netgear Rangemax MIMO
>and the Comcast modem. Ummm... are the number keys missing on your keyboard or is there some security reason why you don't disclose the model numbers? >Somehow some people have managed to get both our credit card numbers
>and bank account numbers and even driving license number. Give me a break. When was the last time you remember typing in your drivers license number into a web form? If you did, it was probably a hackers site. Do you even have any documents on your computah that have the drivers license in them? If the drivers license number was involved, it probably wasn't by sniffing your traffic or breaking into your computer. >I use this internet to access all our bank accounts etc.
So do I. Have you checked that you're actually using the banks web site, and not some impostor (phishing) site? Most banks have some mechanism for storing an identifying icon or phrase that insures you've got the correct site and not some phony that's collecting passwords. >Because of the fraud that occurred, we want to make sure that
>we have a really secure internet connection. > >What additional hardware, software etc do I need, if any ? No hardware. Anti-phishing software (i.e. Free AVG 8.0) works well for identifying evil sites. Add some common sense and some heavy reading about how internet security works. Pay attention to anti-virus, anti-spyware, anti-rootkit, and anti-phishing software. Pick *ONE* that works for you, and uninstall the rest as they trample each other. >Since I am not a techie, pls help me with as much detail as possible.
Detail. OK. See: <http://iase.disa.mil/stigs/checklist/>
Grab the XP and the wireless security checklists. You probably can't
impliment everything on the shopping list as much of it is not applicable. However, you can get a good idea of what is expected if you want to be REALLY secure. This looks interesting. NIST Wireless Security Checklist: <http://csrc.nist.gov/publications/nistpubs/800-48/NIST_SP_800-48.pdf>
-- # Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060 # 831-336-2558 jeffl@comix.santa-cruz.ca.us # http://802.11junk.com jeffl@cruzio.com # http://www.LearnByDestroying.com AE6KS | |||||||||||||||||||||||||
|
Posted by Stephen on June 4, 2008, 5:56 pm
Please log in for more thread options wrote:
>On Tue, 27 May 2008 20:06:14 -0700 (PDT), irfansmith@gmail.com wrote:
> >>Please help us with a fraud situation
>
>I don't see anything resembling fraud. More like common sense and >internet security setup. If this sounds like blame the victim, I >appologize, but if your surfing and security practices are lacking, >you are as big a part of the problem as the typical hacker. > >>We had some identity thefts situations with our credit cards and Bank
>>accounts. >>People using our credit cards and writing checks against our account. >
>There are plenty of ways to get that info without involving the >internet. Most commonly, it's a theft of credit card data from some >idiot vendor that leaves the data on their web site. Having a virus >or trojan horse on your computer, that sends "interesting" files back >to the evil hackers, is also quite common. Lots of others. Hopefully, >you have a clue how it happened or who leaked the data. > >>How can I set up a really secure internet connection in my home ?
>
>Yes. WPA2-PSK-AES encryption is about as secure as it gets. However, >that requires a shared key, which can easily be leaked if some evil >person has access to one of the computahs. To prevent that, you can >install a RADIUS server to provide a one-time encryption key along >with an extra login and password. a more secure scheme is - no wireless, as then getting the security wrong is much less risky. ethernet cables are a lot more difficult to tap into without physical access to the wires. >
>Incidentally, one of my friends got ripped off via identity theft. I >trashed a nice dinner by literally pounding the concept of NOT using >the same password for every account she was using. A month later, she >was moaning that it was too difficult to remember all the passwords, >so she just wrote them on a ledger pad and hung it on the wall of her >office. Moral: You gotta understand how security works in order to be >fairly safe. > >>I use a Windows XP - wireless laptop to access the internet I have
>>in my home. >
>Any particular model wireless router? Are you using WPA2 encryption >with a fairly obscure and non-dictionary password? ><http://wireless.wikia.com/wiki/Wi-Fi_How_To#Secure_a_wireless_network> > >>We use Comcast cable.
>
>Comcast uses DOCSIS with BPI (Baseline Privacy Interface). That's >quite safe from sniffing. > >>We have a WPA secure internet. We use a Netgear Rangemax MIMO
>>and the Comcast modem. >
>Ummm... are the number keys missing on your keyboard or is there some >security reason why you don't disclose the model numbers? > >>Somehow some people have managed to get both our credit card numbers
>>and bank account numbers and even driving license number. >
>Give me a break. When was the last time you remember typing in your >drivers license number into a web form? If you did, it was probably a >hackers site. Do you even have any documents on your computah that >have the drivers license in them? If the drivers license number was >involved, it probably wasn't by sniffing your traffic or breaking into >your computer. > >>I use this internet to access all our bank accounts etc.
>
>So do I. Have you checked that you're actually using the banks web >site, and not some impostor (phishing) site? Most banks have some >mechanism for storing an identifying icon or phrase that insures >you've got the correct site and not some phony that's collecting >passwords. > >>Because of the fraud that occurred, we want to make sure that
>>we have a really secure internet connection. >> >>What additional hardware, software etc do I need, if any ? >
>No hardware. Anti-phishing software (i.e. Free AVG 8.0) works well >for identifying evil sites. Add some common sense and some heavy >reading about how internet security works. Pay attention to >anti-virus, anti-spyware, anti-rootkit, and anti-phishing software. >Pick *ONE* that works for you, and uninstall the rest as they trample >each other. > >>Since I am not a techie, pls help me with as much detail as possible.
>
--
>Detail. OK. See: ><http://iase.disa.mil/stigs/checklist/> >Grab the XP and the wireless security checklists. You probably can't >impliment everything on the shopping list as much of it is not >applicable. However, you can get a good idea of what is expected if >you want to be REALLY secure. > >This looks interesting. NIST Wireless Security Checklist: ><http://csrc.nist.gov/publications/nistpubs/800-48/NIST_SP_800-48.pdf> Regards stephen_hope@xyzworld.com - replace xyz with ntl | |||||||||||||||||||||||||
| Similar Threads | Posted |
| Please help us with a fraud situation | May 27, 2008, 11:06 pm |
| Unique Situation | May 31, 2007, 1:15 am |
| Weird wireless situation | February 3, 2006, 2:12 pm |
| Hawking Technology and Micro Center commit consumer fraud via mailin rebate program. | November 6, 2005, 12:01 am |
| Unique situation - Two machines connecting to one wireless network but share one printer | August 29, 2007, 3:59 pm |
>
> We had some identity thefts situations with our credit cards and Bank
> accounts.
> People using our credit cards and writing checks against our account.
>
> How can I set up a really secure internet connection in my home ?
>
> I use a Windows XP - wireless laptop to access the internet I have
> in my home.
> We use Comcast cable.
> We have a WPA secure internet. We use a Netgear Rangemax MIMO
> and the Comcast modem.
>
> Somehow some people have managed to get both our credit card numbers
> and bank account numbers and even driving license number.
>
> I use this internet to access all our bank accounts etc.
>
> Because of the fraud that occurred, we want to make sure that
> we have a really secure internet connection.
>
> What additional hardware, software etc do I need, if any ?
> Since I am not a techie, pls help me with as much detail as possible.
>
>
> Thanks in advance for your help,
>
> Irfan Smith