Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Keylogging detection software?

  • 06-07-2014 2:17pm
    #1
    Registered Users, Registered Users 2 Posts: 757 ✭✭✭


    Hi,

    My visa debit card has been compromised. There are a number of spurious transactions using it.
    I've blocked the card and the issue is with my bank's fraud team.

    I'm assuming my card details were captured online somehow but I would also like to check my laptop to see if there is a keylogger running on it.

    Anyone recommend some good software to use?

    Thank you


Comments

  • Registered Users, Registered Users 2 Posts: 9,554 ✭✭✭Pat Mustard


    I'm going to defer to the experts who post here, but you could start by trying Malwarebytes and Spybot Search & Destroy.

    I also use Keyscrambler, but I don't know how effective it is.


  • Registered Users, Registered Users 2 Posts: 3,739 ✭✭✭Stuxnet


    Run malwarebytes with the computer in "Safe Mode"

    install, and update malwarebytes, then reboot hitting "F8" usually to boot into safe mode, that will catch anything un-toward.


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    Stuxnet wrote: »
    Run malwarebytes with the computer in "Safe Mode"

    install, and update malwarebytes, then reboot hitting "F8" usually to boot into safe mode, that will catch anything un-toward.

    That will catch anything untoward if malware bytes has a signature for it. I was at a talk recently and there was an analyst from FireEye who said they were seeing malware releases that were obsolete within hours, meaning by the time a signature had been created and pushed out to a client the malware was deactivated, and in some cases had deleted itself. You can also buy a keylogger that is undetectable and if only installed on a small number of systems, will never become detectable.

    OP, by all means scan yourself, but there is no guarantee it will find anything. Maybe try and figure out how your CC details got out in the wild. My money would be on an insecure wireless access point you connected to.


  • Registered Users, Registered Users 2 Posts: 9,390 ✭✭✭markpb


    syklops wrote: »
    OP, by all means scan yourself, but there is no guarantee it will find anything. Maybe try and figure out how your CC details got out in the wild. My money would be on an insecure wireless access point you connected to.

    It could also have been compromised at any merchant, online or retail where it was used at any time in the recent past. To me, this is far more likely than a problem with your machine or network (unless you're in the habit of typing your card details into http sites). It's also likely that Visa had already figured out which merchant is the likely culprit before your bank called you.


  • Closed Accounts Posts: 68 ✭✭Scoobydoo 2


    markpb wrote: »
    It could also have been compromised at any merchant, online or retail where it was used at any time in the recent past. To me, this is far more likely than a problem with your machine or network (unless you're in the habit of typing your card details into http sites). It's also likely that Visa had already figured out which merchant is the likely culprit before your bank called you.
    Would agree with this as my card details were used in the states where chip & pin is not mandatory
    I have never been to the states and never used my visa debit on line ever yet someone managed to walk into a shop and buy $1000 dollars worth of books using merely only my card number
    chances are it was taken during one of the many security breaches like the loyalty build one not so long ago 500.000 customers details
    by all means take all reasonable precautions virus scans and malware scans
    but don't fret if you don't find anything on your pc

    but don't overlook your smart phone if you use it to check your account details or pay for stuff online

    Thing to keep in mind is that its not a credit cardit is a visa debit card and is not covered by the same guarantees that an actual credit card is
    so stick to your guns that you did not leave your card lying around with the pin written on it or gave it to anyone else or anything silly like that that may give them a reason not to pay as this is not a credit card


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 10,902 ✭✭✭✭28064212


    Thing to keep in mind is that its not a credit cardit is a visa debit card and is not covered by the same guarantees that an actual credit card is
    That's incorrect:
    The level of consumer protection in Ireland is the same for both credit and debit cards.

    Boardsie Enhancement Suite - a browser extension to make using Boards on desktop a better experience (includes full-width display, keyboard shortcuts, dark mode, and more). Now available through your browser's extension store.

    Firefox: https://addons.mozilla.org/addon/boardsie-enhancement-suite/

    Chrome/Edge/Opera: https://chromewebstore.google.com/detail/boardsie-enhancement-suit/bbgnmnfagihoohjkofdnofcfmkpdmmce



  • Registered Users, Registered Users 2 Posts: 757 ✭✭✭Laneyh


    Thanks for all the replies, I'm not sure I will be able to trace how and when the card was compromised but it is no harm to be additionally cautious and security aware anyway.

    The bank are sending me out a disclaimer form, so hopefully once I return that I'll be reimbursed.

    Thanks again for your help


  • Registered Users, Registered Users 2 Posts: 757 ✭✭✭Laneyh


    markpb wrote: »
    It could also have been compromised at any merchant, online or retail where it was used at any time in the recent past. To me, this is far more likely than a problem with your machine or network (unless you're in the habit of typing your card details into http sites). It's also likely that Visa had already figured out which merchant is the likely culprit before your bank called you.

    Yes I agree I think it was an online transaction but just going to cover all bases now.
    Understandably I got a bit of a shock when my account was pretty much cleaned out.
    I'd like to do everything I can to prevent that happening again.


  • Closed Accounts Posts: 68 ✭✭Scoobydoo 2


    28064212 wrote: »
    That's incorrect:
    Is it really


    No credit limit applies on visa debit, so your bank account could be cleaned out . At least with credit card, a credit limit applies and and you should not be out of pocket in this scenario. If any overdraft charges are applied, and missed direct debits, then you have to discuss with the bank to try to get them to waive these charges
    Good look with that .


  • Registered Users, Registered Users 2 Posts: 1,667 ✭✭✭Impetus


    Would agree with this as my card details were used in the states where chip & pin is not mandatory
    I have never been to the states and never used my visa debit on line ever yet someone managed to walk into a shop and buy $1000 dollars worth of books using merely only my card number
    chances are it was taken during one of the many security breaches like the loyalty build one not so long ago 500.000 customers details
    by all means take all reasonable precautions virus scans and malware scans
    but don't fret if you don't find anything on your pc

    but don't overlook your smart phone if you use it to check your account details or pay for stuff online

    Thing to keep in mind is that its not a credit cardit is a visa debit card and is not covered by the same guarantees that an actual credit card is
    so stick to your guns that you did not leave your card lying around with the pin written on it or gave it to anyone else or anything silly like that that may give them a reason not to pay as this is not a credit card

    The law has not caught up with banking technology changes. Back in the day, you were protected (and still are) if somebody forges your signature to a cheque -
    Section 24 of the Bills of Exchange Act 1882 (which governs cheques) provides that if a bank pays on a forged cheque, the bank is liable*.

    We now have ATMs, online banking, phantom withdrawals, skimmers, online shopping, mail order, telemarketing, debit cards, charge cards, prepaid cards, and the only card with any form of legal protection is the “revolving credit card” - presumably because money is being lent, and a proper signature is required (which can include an electronic signature).

    It is high time the law of the land was updated to provide protection to bank customers for all types of method of payment. This would force the banks and the Visa/MC system to look again at their procedures for cardholder not present transactions for example. Every bank should have multi-factor authentication (a) to authenticate the login to the banking system and (b) to separately authenticate each payment instruction. The latter requires that part of the payment data (eg the IBAN of the payee) goes into the multi-factor authentication encryption process - to prevent replay attacks. Otherwise it is easy for a “keystroke” logger to capture the multi-factor code, send it to the thief and disconnect you from completing the transaction providing a bogus error message.

    It is a simple extension to use the same multi-factor card reader in conjunction with the payment card to produce additional codes, which change for each transaction, (on top of the card number and expiry date etc for use on online shopping sites.) The variable code does not have to be long - perhaps 3 digits. This would not require any change to the Visa or MC system - because the CVV2 code (the 3 digits on the signing line normally) could instead be a variable computed code using the authentication device and one's payment card. The card issuing bank's authorization system would compute the code and immediately clear or reject the transaction.

    I had a Visa charge card defrauded after going through an autopista toll booth in Spain a few years ago. Invariably I always opt for one of the lanes that one inserts and removes one’s card from - ie nobody else gets to touch it. On this occasion, all the self service lanes were coned off and I stupidly gave my card to the attendant. Within two hours about 5 million KRW was charged to that card - even though I was in Spain (and had used the card with the PIN in a retail establishment two hours earlier. Ie I couldn’t have been in South Korea. In Ireland there are very few toll booths on the motorway that have a Visa/MC self service slot. Forcing one to pay cash or hand over a payment card to the attendant. In France and Switzerland one never has to part with one’s card in a shop - the point of sale infrastructure must be self-service only.

    It is time the protections of the Bill of Exchange Act were made available to all forms of bank payment, as a matter of urgency. This would force the banks to innovate to create the required security.

    The Act says in quaint, hard to read, common law style (Civil law is far simpler to read)

    *“24. Subject to the provisions of this Act, where a signature on a bill is forged or placed thereon without the authority of the person whose signature it purports to be, the forged or unauthorised signature is wholly inoperative, and no right to retain the bill or to give a discharge therefor or to enforce payment thereof against any party thereto can be acquired through or under that signature"


  • Advertisement
  • Closed Accounts Posts: 1,260 ✭✭✭Rucking_Fetard


    Use on screen keyboard for typing


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    Use on screen keyboard for typing

    If you think your system is compromised, don't use it for payments full stop.

    Otherwise we will nurture a generation of people who use the on screen keyboard when making payments oblivious to a new generation* of malware which use OCR to read peoples credit card numbers and which doesn't depend on key presses.

    I used the asterisk, because it really isnt all that new at all.

    In many ways the phrase "keylogger" is out dated. "User input logger" is more accurate, but doesnt slide off the tongue as easy.


  • Registered Users, Registered Users 2 Posts: 5,112 ✭✭✭Blowfish


    Use on screen keyboard for typing
    An on screen keyboard is only really going to stop hardware (i.e. physical) keyloggers. Anything software based is going to intercept the keys at either the driver or OS level, both of which the on screen keyboard still have to go through. That aside, most keyloggers these days will capture more than just keys, including a fair few that capture screen caps etc.

    Copying+pasting the password is often suggested as an alternative, but this is even worse as it's far more trivial to capture this than it is the keys in the first place.


Advertisement