Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > Apple Applications > Mac Applications and Mac App Store

Reply
 
Thread Tools Search this Thread Display Modes
Old Jun 26, 2013, 12:27 PM   #1
lobomarunga
macrumors newbie
 
Join Date: Jun 2013
Phishing

Hi guys,

I hope this is the right section of the forum.
My problem is: my debit card (which I only use for ecommerce) was hacked (cloned?) a few days ago. Someone used most of my money to top up their account on a betting website. I was wondering if Clamxav or any other AV could do something against whatever got into my mac. I know macs "don't get viruses", but I the scam did happen and now I just want to get back to buy things online with my brand new debit card without funding someone else's gambling.

Just to clarify, I didn't download any illegal or pirated software, but I do download free apps from websites even when I don't know if they're safe or not.

Thank you for your help!
Antonio
lobomarunga is offline   0 Reply With Quote
Old Jun 26, 2013, 12:35 PM   #2
blackhand1001
macrumors 68030
 
blackhand1001's Avatar
 
Join Date: Jan 2009
unfortunately any operating system is vulnerable to phishing as it doesn't require any software to be installed. Its all done by social engineering. Windows actually has better anti phishing filtering than apple at the moment who really doesn't have any.
__________________
Macbook 2008
HP Dv7t - 2.53 ghz, 9600m GT, WSXGA+, 120gb ssd, 250 gb 7200rpm
Core i7 3770k, 8gb ram, 2x 120gb sdd raid0, 500gb hdd, GTX 460
Moto X Dev Edition (VZW) Nexus 7
blackhand1001 is offline   0 Reply With Quote
Old Jun 26, 2013, 01:20 PM   #3
Guiyon
macrumors 6502a
 
Join Date: Mar 2008
Location: North Shore, MA
It's possible (and likely) that it was not even your machine that was compromised. Someone else could easily get your card info if the online shops you are buying from were compromised and they did not take adequate measures to protect your payment information. At that point, no amount of antivirus/antiphishing/etc software is going to help you.
__________________
Make life easier if you have a programming question!
http://www.sscce.org/
Guiyon is offline   1 Reply With Quote
Old Jun 26, 2013, 04:08 PM   #4
firedept
macrumors Demi-God
 
firedept's Avatar
 
Join Date: Jul 2011
Location: Somewhere!
I agree with both posters but wanted to add something. Whenever I receive an email requesting personal information, I will go directly to that site and see if they actually require the info they are requesting.

I am a seller on Ebay for many years and have seen hundreds of these type of phishing emails come to me. Thieves are extremely clever & talented (I use those words loosely) at trying to finds ways of stealing from people. You just have to learn to stay ahead of their tricks.
__________________
Success only comes before work in the dictionary!
firedept is offline   0 Reply With Quote
Old Jun 26, 2013, 04:35 PM   #5
lobomarunga
Thread Starter
macrumors newbie
 
Join Date: Jun 2013
Thank you all for your replies.

The problem is that over the last 30 days I've only used my card on two sites, on which I had used it before with no problems (groupon and the Italian national railways) and I signed up on paypal - which should be ok - therefore I think it might be something in my computer.
What you're saying, tho, is that there is nothing I can install to prevent phishing from happening, a filter for example?
Would it be in any way useful to run a scan with clamxav or any similar sw?
b
lobomarunga is offline   0 Reply With Quote
Old Jun 26, 2013, 05:13 PM   #6
Guiyon
macrumors 6502a
 
Join Date: Mar 2008
Location: North Shore, MA
Quote:
Originally Posted by lobomarunga View Post
What you're saying, tho, is that there is nothing I can install to prevent phishing from happening, a filter for example?
The best filter you can use is attached to your spine, right between your shoulders.
__________________
Make life easier if you have a programming question!
http://www.sscce.org/
Guiyon is offline   2 Reply With Quote
Old Jun 26, 2013, 06:54 PM   #7
ApfelKuchen
macrumors 6502a
 
Join Date: Aug 2012
Location: Between the coasts
"Phishing" has nothing to do with downloaded software. As the name implies, someone is "fishing" for valuable information. It's another name for "con job."

It can happen when your phone rings and they ask you for your credit card number so they can ship you a "prize," or ask for a donation.

It can happen when someone sends you email that tells you your account info has to be updated or your account will be canceled, just "click this link to get started." You click the link, the web site seems legit, so you give them your info.

If you suspect downloaded software is sending your personal info to someone, then it's not considered "phishing," though the impact on your wallet may be the same. You could obtain a free Mac "anti-virus" program like Avast (available at reputable sites like CNET.com), but if you read the description, it's focused on identifying unsafe/fraudulent web sites - which is a far greater risk to users of Macs than hidden programs on your computer. While it scans files, too, there's very little for it to find. If it'll make you feel better, by all means, install it. I doubt it will find what you expect to find.

Credit card fraud is rampant, and simply doesn't need things like malicious computer programs. As others have explained, your card info could have been collected in many other ways. The fact that you only gave your card info to two sites in the last 30 days is nearly meaningless. Your card info could have been stolen 6 months ago, and simply not used until now.
ApfelKuchen is offline   1 Reply With Quote
Old Jun 27, 2013, 03:34 AM   #8
lobomarunga
Thread Starter
macrumors newbie
 
Join Date: Jun 2013
Thank you for your really helpful comment, ApfelKuchen. I just thought it'd be weird that someone stole my credit card details and waited such a long time before using it (it's a risk for them, in a way, to wait for so long). I am still puzzled since I tend to surf on safe sites and of course never reply to phishing mails and stuff like that, but then again our computers are vulnerable in a thousand ways: I'll install Avast and/or ClamXav and use it as a sentry.

@Guyon, I can see something there attached to my spine, but it is a monkey playing the drums and smoking oregano, so I guess that explains it all, doesn't it?

Thank you again, guys, especially those who actually gave good advice.
lobomarunga is offline   0 Reply With Quote
Old Jun 27, 2013, 05:43 AM   #9
gnasher729
macrumors G5
 
gnasher729's Avatar
 
Join Date: Nov 2005
Quote:
Originally Posted by lobomarunga View Post
Thank you for your really helpful comment, ApfelKuchen. I just thought it'd be weird that someone stole my credit card details and waited such a long time before using it (it's a risk for them, in a way, to wait for so long). I am still puzzled since I tend to surf on safe sites and of course never reply to phishing mails and stuff like that, but then again our computers are vulnerable in a thousand ways: I'll install Avast and/or ClamXav and use it as a sentry.
You go to a petrol station, use your credit card, and next day money leaves your account. Someone else goes to the same petrol station, uses their credit card, and money leaves their account. People call the police, they find the connection, and catch an employee. Happened exactly like that to a colleague of mine.

If I stole credit card info, I would wait a while to make sure nobody can make the connection. You know the expiry date, so there's not much of a risk.
gnasher729 is online now   1 Reply With Quote
Old Jun 27, 2013, 05:58 AM   #10
SpinalTap
macrumors member
 
Join Date: Sep 2003
Location: Birmingham, UK
For what it's worth, I have Norton, Sophos, and Intego AV software on my Mac.

Of the three, only Intego has warned me of a phishing attack on my Mac - for which I took the appropriate avoidance action on being warned.
__________________
My Mac can go all the way up to XI
SpinalTap is offline   1 Reply With Quote
Old Jun 28, 2013, 03:09 AM   #11
lobomarunga
Thread Starter
macrumors newbie
 
Join Date: Jun 2013
Quote:
Originally Posted by gnasher729 View Post
You go to a petrol station, use your credit card, and next day money leaves your account. Someone else goes to the same petrol station, uses their credit card, and money leaves their account. People call the police, they find the connection, and catch an employee. Happened exactly like that to a colleague of mine.

If I stole credit card info, I would wait a while to make sure nobody can make the connection. You know the expiry date, so there's not much of a risk.
You're probably right, I hadn't thought of that, it clearly isn't a career option for me, I am afraid...
lobomarunga is offline   0 Reply With Quote
Old Jul 2, 2013, 03:19 AM   #12
lobomarunga
Thread Starter
macrumors newbie
 
Join Date: Jun 2013
quick update

I ran a scan with avast! and found a few pc viruses (which I deleted just in case) and a couple of "bankfraud-BJG Trojans" (apparently the Zeus type) which are probably guilty for the, ehm, bank fraud. I deleted them from Avast! and got rid of the AV altogether afterwards, since it isn't apparently the best for macs.
I am now scanning my mac again with clamXav and nothing was found so far.

What I learnt from this is that no matter how safe your computing is, malwares and trojans can still affect your computer, and a scan every now and then is good practice.

Last edited by lobomarunga; Jul 2, 2013 at 08:20 AM.
lobomarunga is offline   0 Reply With Quote
Old Jul 2, 2013, 10:35 AM   #13
Guiyon
macrumors 6502a
 
Join Date: Mar 2008
Location: North Shore, MA
AFAIK, the Zeus trojan series is for Windows, BlackBerry and Android; it does not run on Mac OS X or Linux. It's possible (and likely) that all avast found were some cached files that you picked up at some point but there is no way for them to actually do anything as they are not code that Mac OS X can execute. Still useful to remove them, though; it stops you from being a carrier by accident.
__________________
Make life easier if you have a programming question!
http://www.sscce.org/
Guiyon is offline   0 Reply With Quote
Old Jul 2, 2013, 11:06 AM   #14
lobomarunga
Thread Starter
macrumors newbie
 
Join Date: Jun 2013
Quote:
Originally Posted by Guiyon View Post
AFAIK, the Zeus trojan series is for Windows, BlackBerry and Android; it does not run on Mac OS X or Linux. It's possible (and likely) that all avast found were some cached files that you picked up at some point but there is no way for them to actually do anything as they are not code that Mac OS X can execute. Still useful to remove them, though; it stops you from being a carrier by accident.
I am not sure it was a Zeus (avast didn't tell me its name), but avast certainly called it a "bankfraud-BJG [Trj]. If it wasn't the culprit, I wonder what else could be. I am scanning both my macs just in case, with extradoses of antiviruses. I haven't found much so far (apart from the abovementioned trojan), but it's good for my peace of mind.
lobomarunga is offline   0 Reply With Quote
Old Jul 2, 2013, 11:13 AM   #15
Guiyon
macrumors 6502a
 
Join Date: Mar 2008
Location: North Shore, MA
Just because it find something doesn't mean you're infected. You can pick up a surprising amount of crap in your cache just from regular browsing. In addition, most virus scanners use a signature database that is unified across platforms; if the signature matches, the scanner will report a match regardless of whether the program is able to execute or not. It doesn't help that the scanners are tweaked to report a maximum number of critical warnings. For example, running scanners on a typical Windows systems will report a *huge* number of "infected" cookies when most of them are simply tracking cookies that, while not being something you want on the system, aren't going to really do anything.

tl;dr: take everything malware scanners report with a grain of salt. If you don't know what you're looking for, they are akin to randomly searching WebMD; you start out with the sniffles and end up with brain cancer.

Edit:
Looks like your "trojan" is HTML/Bankfraud.gen. Avast has basically identified a known phishing email. It's completely harmless as long as you don't click any links and then enter whatever sensitive information they are asking for.
__________________
Make life easier if you have a programming question!
http://www.sscce.org/

Last edited by Guiyon; Jul 2, 2013 at 11:27 AM.
Guiyon is offline   1 Reply With Quote
Old Jul 2, 2013, 11:42 AM   #16
carlgo
macrumors 68000
 
Join Date: Dec 2006
Evidently there are scanners that can read your card in your pocket. The perps hang out where people gather. Mine was I am about 90% sure was scanned at Seaworld.

BofA detected the suspicious activity, attempts to buy iToys in another state.
carlgo is offline   0 Reply With Quote
Old Jul 2, 2013, 11:45 AM   #17
lobomarunga
Thread Starter
macrumors newbie
 
Join Date: Jun 2013
Quote:
Originally Posted by Guiyon View Post
Looks like your "trojan" is HTML/Bankfraud.gen. Avast has basically identified a known phishing email. It's completely harmless as long as you don't click any links and then enter whatever sensitive information they are asking for.
Which I of course didn't. I am not saying that *that* trojan must be the one that infected my system. As you said, I might not even be infected. I am just trying to clean my system(s), since I actually got scammed and I am trying to figure out what happened and if it happened through my computer. But as you said earlier, they might have stolen my credit card details in a variety of ways, i.e. not through a virus/malware/trojan and I do appreciate your sensible advice not to stress too much over it.

Last edited by lobomarunga; Jul 2, 2013 at 11:49 AM. Reason: bad grammar!
lobomarunga is offline   0 Reply With Quote

Reply
MacRumors Forums > Apple Applications > Mac Applications and Mac App Store

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Another phishing attempt MacSince1985 Community Discussion 0 Nov 4, 2013 01:06 PM
Apple Phishing ? TayHarley Mac Basics and Help 2 Aug 6, 2013 05:11 PM
Phishing e mail tl01 iPhone 3 Sep 22, 2012 09:23 PM
Phishing and Malware marty1990 iPad 1 Jul 17, 2012 09:52 AM
Phishing on Mac i-am-doomed Current Events 2 Jun 6, 2012 04:22 PM

Forum Jump

All times are GMT -5. The time now is 09:29 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC