Hacked? and debit card fraud.
Discussion
Can anyone please help i'm at a serious loss here as to how this could have happened, and in complete shock.
Tuesday morning i get a call from my bank saying there was suspicious activity on my account and did i recognise a list of transactions to a gambling co, pbl or something, i didn't. they said they would look into it and try and refund once gone from my account.
yesterday i see on my online statement that there were a number of £100 deposits, then £150, then 2x £1000 to pponline, which i recognised as paddypower as i have had an account for years.
i phoned paddypower to raise the alarm that someone had used my debit card with another account, and when speaking to them discovered it had gone through my account. £1000 bet on a tennis match on sunday and then all money into poker. I never bet more than £10 and have never played poker, so i would have thought they would flag it as suspicious.
Somehow someone has got my cv2 number from the back of my bank card and my paddypower password, then stolen all this money.
paddypower say there is no sign of an account takeover and it looks as if all done from my pc. I was in all day sunday when this happened and noone had access to my pc. the bank are giving me a telephone interview tomorrow lunch.
i just can't understand how this has happened, or how to prevent it again.(paddypower account closed now)
sorry for poor grammar, i'm in complete shock and shaking here, and really cant afford to lose this money.
Tuesday morning i get a call from my bank saying there was suspicious activity on my account and did i recognise a list of transactions to a gambling co, pbl or something, i didn't. they said they would look into it and try and refund once gone from my account.
yesterday i see on my online statement that there were a number of £100 deposits, then £150, then 2x £1000 to pponline, which i recognised as paddypower as i have had an account for years.
i phoned paddypower to raise the alarm that someone had used my debit card with another account, and when speaking to them discovered it had gone through my account. £1000 bet on a tennis match on sunday and then all money into poker. I never bet more than £10 and have never played poker, so i would have thought they would flag it as suspicious.
Somehow someone has got my cv2 number from the back of my bank card and my paddypower password, then stolen all this money.
paddypower say there is no sign of an account takeover and it looks as if all done from my pc. I was in all day sunday when this happened and noone had access to my pc. the bank are giving me a telephone interview tomorrow lunch.
i just can't understand how this has happened, or how to prevent it again.(paddypower account closed now)
sorry for poor grammar, i'm in complete shock and shaking here, and really cant afford to lose this money.
i have eset nod32 on both laptop and pc, ran a scan on laptop with that and with malwarebytes, running a scan on the main pc which doesn't get used often now, and it's found 3 infiltrations, and still scanning.
i haven't spent the money, but i'm worried it looks like i have as they had my password for paddypower and my cv2 number from the back of my card.
paddypower says it looks like was done from my ip address too which is worrying.
i only have the standard firewalls. Any recomendations?
i haven't spent the money, but i'm worried it looks like i have as they had my password for paddypower and my cv2 number from the back of my card.
paddypower says it looks like was done from my ip address too which is worrying.
i only have the standard firewalls. Any recomendations?
Ian_S said:
i have eset nod32 on both laptop and pc, ran a scan on laptop with that and with malwarebytes, running a scan on the main pc which doesn't get used often now, and it's found 3 infiltrations, and still scanning.
i haven't spent the money, but i'm worried it looks like i have as they had my password for paddypower and my cv2 number from the back of my card.
paddypower says it looks like was done from my ip address too which is worrying.
i only have the standard firewalls. Any recomendations?
When you go to the Paddy Power website, do you have to enter login details or have you got them 'saved'? Do you often leave the PC on and walk away from it? What I'm trying to get at is, is it possible that someone has gained access to remote control your PC and spend time on Paddy Power spending your money?i haven't spent the money, but i'm worried it looks like i have as they had my password for paddypower and my cv2 number from the back of my card.
paddypower says it looks like was done from my ip address too which is worrying.
i only have the standard firewalls. Any recomendations?
Arese said:
Ian_S said:
i have eset nod32 on both laptop and pc, ran a scan on laptop with that and with malwarebytes, running a scan on the main pc which doesn't get used often now, and it's found 3 infiltrations, and still scanning.
i haven't spent the money, but i'm worried it looks like i have as they had my password for paddypower and my cv2 number from the back of my card.
paddypower says it looks like was done from my ip address too which is worrying.
i only have the standard firewalls. Any recomendations?
When you go to the Paddy Power website, do you have to enter login details or have you got them 'saved'? Do you often leave the PC on and walk away from it? What I'm trying to get at is, is it possible that someone has gained access to remote control your PC and spend time on Paddy Power spending your money?i haven't spent the money, but i'm worried it looks like i have as they had my password for paddypower and my cv2 number from the back of my card.
paddypower says it looks like was done from my ip address too which is worrying.
i only have the standard firewalls. Any recomendations?
pc was on all day sunday as we use it to stream downloaded tv programmes
Edited by Ian_S on Thursday 15th July 18:29
Ian_S said:
Arese said:
Ian_S said:
i have eset nod32 on both laptop and pc, ran a scan on laptop with that and with malwarebytes, running a scan on the main pc which doesn't get used often now, and it's found 3 infiltrations, and still scanning.
i haven't spent the money, but i'm worried it looks like i have as they had my password for paddypower and my cv2 number from the back of my card.
paddypower says it looks like was done from my ip address too which is worrying.
i only have the standard firewalls. Any recomendations?
When you go to the Paddy Power website, do you have to enter login details or have you got them 'saved'? Do you often leave the PC on and walk away from it? What I'm trying to get at is, is it possible that someone has gained access to remote control your PC and spend time on Paddy Power spending your money?i haven't spent the money, but i'm worried it looks like i have as they had my password for paddypower and my cv2 number from the back of my card.
paddypower says it looks like was done from my ip address too which is worrying.
i only have the standard firewalls. Any recomendations?
pc was on all day sunday as we use it to stream downloaded tv programmes
Edited by Ian_S on Thursday 15th July 18:29
Cheese Mechanic said:
That , historically, has been a sign of something nasty on a machine.
With viruses , it was common for them to crash your machine if you tried to log on to an antivirus website.
Drive needs to be analysed via another boot disk.
What do you mean by another boot disk? i'm not that competent sorry.With viruses , it was common for them to crash your machine if you tried to log on to an antivirus website.
Drive needs to be analysed via another boot disk.
Ian_S said:
sunday was when all the bets and poker games were played.
says no events to view. just realised i have logmein installed for use with the iphone, could that have been compromised?
In theory, anything can be compromised. But, having an application running in the background listening for connections is just another way in. That said, it's likely that Windows already had a connection listening for Remote Desktop.says no events to view. just realised i have logmein installed for use with the iphone, could that have been compromised?
Edited by Ian_S on Thursday 15th July 19:21
Personally, I'd backup any documents/images that are critical (these tend not to get infected with virii) and flatten and reinstall Windows. But you will then never really know what happened.
What version of Windows are you running?
If Event Viewer says there are no events to view, then there's something not right there as there are always events to view.
You're not a million miles from me, so if comes to it I may be able to have a look at it for you...
Edited by Arese on Thursday 15th July 20:51
There are events to view on event viewer, but non under security.
The virus scan is crashing on the d: drive, (i have a few hds in the pc) so i have tried scanning just that drive and it still crashes, i am now trying to scan the other drives ignoring the d:, to see if they are clear.
Then i think i will need to format the problem drive at a minimum.
Thanks for the offer arese, i may need to take you up on it.
The virus scan is crashing on the d: drive, (i have a few hds in the pc) so i have tried scanning just that drive and it still crashes, i am now trying to scan the other drives ignoring the d:, to see if they are clear.
Then i think i will need to format the problem drive at a minimum.
Thanks for the offer arese, i may need to take you up on it.
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff