Phishing

Discussion in 'Mac Apps and Mac App Store' started by lobomarunga, Jun 26, 2013.

  1. macrumors newbie

    Joined:
    Jun 26, 2013
    #1
    Hi guys,

    I hope this is the right section of the forum.
    My problem is: my debit card (which I only use for ecommerce) was hacked (cloned?) a few days ago. Someone used most of my money to top up their account on a betting website. I was wondering if Clamxav or any other AV could do something against whatever got into my mac. I know macs "don't get viruses", but I the scam did happen and now I just want to get back to buy things online with my brand new debit card without funding someone else's gambling.

    Just to clarify, I didn't download any illegal or pirated software, but I do download free apps from websites even when I don't know if they're safe or not.

    Thank you for your help!
    Antonio
     
  2. macrumors 68030

    blackhand1001

    Joined:
    Jan 6, 2009
    #2
    unfortunately any operating system is vulnerable to phishing as it doesn't require any software to be installed. Its all done by social engineering. Windows actually has better anti phishing filtering than apple at the moment who really doesn't have any.
     
  3. macrumors 6502a

    Joined:
    Mar 19, 2008
    Location:
    North Shore, MA
    #3
    It's possible (and likely) that it was not even your machine that was compromised. Someone else could easily get your card info if the online shops you are buying from were compromised and they did not take adequate measures to protect your payment information. At that point, no amount of antivirus/antiphishing/etc software is going to help you.
     
  4. macrumors demi-god

    firedept

    Joined:
    Jul 8, 2011
    Location:
    Somewhere!
    #4
    I agree with both posters but wanted to add something. Whenever I receive an email requesting personal information, I will go directly to that site and see if they actually require the info they are requesting.

    I am a seller on Ebay for many years and have seen hundreds of these type of phishing emails come to me. Thieves are extremely clever & talented (I use those words loosely) at trying to finds ways of stealing from people. You just have to learn to stay ahead of their tricks.
     
  5. thread starter macrumors newbie

    Joined:
    Jun 26, 2013
    #5
    Thank you all for your replies.

    The problem is that over the last 30 days I've only used my card on two sites, on which I had used it before with no problems (groupon and the Italian national railways) and I signed up on paypal - which should be ok - therefore I think it might be something in my computer.
    What you're saying, tho, is that there is nothing I can install to prevent phishing from happening, a filter for example?
    Would it be in any way useful to run a scan with clamxav or any similar sw?
    b
     
  6. macrumors 6502a

    Joined:
    Mar 19, 2008
    Location:
    North Shore, MA
    #6
    The best filter you can use is attached to your spine, right between your shoulders.
     
  7. macrumors 6502a

    Joined:
    Aug 28, 2012
    Location:
    Between the coasts
    #7
    "Phishing" has nothing to do with downloaded software. As the name implies, someone is "fishing" for valuable information. It's another name for "con job."

    It can happen when your phone rings and they ask you for your credit card number so they can ship you a "prize," or ask for a donation.

    It can happen when someone sends you email that tells you your account info has to be updated or your account will be canceled, just "click this link to get started." You click the link, the web site seems legit, so you give them your info.

    If you suspect downloaded software is sending your personal info to someone, then it's not considered "phishing," though the impact on your wallet may be the same. You could obtain a free Mac "anti-virus" program like Avast (available at reputable sites like CNET.com), but if you read the description, it's focused on identifying unsafe/fraudulent web sites - which is a far greater risk to users of Macs than hidden programs on your computer. While it scans files, too, there's very little for it to find. If it'll make you feel better, by all means, install it. I doubt it will find what you expect to find.

    Credit card fraud is rampant, and simply doesn't need things like malicious computer programs. As others have explained, your card info could have been collected in many other ways. The fact that you only gave your card info to two sites in the last 30 days is nearly meaningless. Your card info could have been stolen 6 months ago, and simply not used until now.
     
  8. thread starter macrumors newbie

    Joined:
    Jun 26, 2013
    #8
    Thank you for your really helpful comment, ApfelKuchen. I just thought it'd be weird that someone stole my credit card details and waited such a long time before using it (it's a risk for them, in a way, to wait for so long). I am still puzzled since I tend to surf on safe sites and of course never reply to phishing mails and stuff like that, but then again our computers are vulnerable in a thousand ways: I'll install Avast and/or ClamXav and use it as a sentry.

    @Guyon, I can see something there attached to my spine, but it is a monkey playing the drums and smoking oregano, so I guess that explains it all, doesn't it?

    Thank you again, guys, especially those who actually gave good advice.
     
  9. macrumors G5

    gnasher729

    Joined:
    Nov 25, 2005
    #9
    You go to a petrol station, use your credit card, and next day money leaves your account. Someone else goes to the same petrol station, uses their credit card, and money leaves their account. People call the police, they find the connection, and catch an employee. Happened exactly like that to a colleague of mine.

    If I stole credit card info, I would wait a while to make sure nobody can make the connection. You know the expiry date, so there's not much of a risk.
     
  10. macrumors regular

    SpinalTap

    Joined:
    Sep 25, 2003
    Location:
    Bournville, UK
    #10
    For what it's worth, I have Norton, Sophos, and Intego AV software on my Mac.

    Of the three, only Intego has warned me of a phishing attack on my Mac - for which I took the appropriate avoidance action on being warned.
     
  11. thread starter macrumors newbie

    Joined:
    Jun 26, 2013
    #11
    You're probably right, I hadn't thought of that, it clearly isn't a career option for me, I am afraid... :)
     
  12. lobomarunga, Jul 2, 2013
    Last edited: Jul 2, 2013

    thread starter macrumors newbie

    Joined:
    Jun 26, 2013
    #12
    quick update

    I ran a scan with avast! and found a few pc viruses (which I deleted just in case) and a couple of "bankfraud-BJG Trojans" (apparently the Zeus type) which are probably guilty for the, ehm, bank fraud. I deleted them from Avast! and got rid of the AV altogether afterwards, since it isn't apparently the best for macs.
    I am now scanning my mac again with clamXav and nothing was found so far.

    What I learnt from this is that no matter how safe your computing is, malwares and trojans can still affect your computer, and a scan every now and then is good practice.
     
  13. macrumors 6502a

    Joined:
    Mar 19, 2008
    Location:
    North Shore, MA
    #13
    AFAIK, the Zeus trojan series is for Windows, BlackBerry and Android; it does not run on Mac OS X or Linux. It's possible (and likely) that all avast found were some cached files that you picked up at some point but there is no way for them to actually do anything as they are not code that Mac OS X can execute. Still useful to remove them, though; it stops you from being a carrier by accident.
     
  14. thread starter macrumors newbie

    Joined:
    Jun 26, 2013
    #14
    I am not sure it was a Zeus (avast didn't tell me its name), but avast certainly called it a "bankfraud-BJG [Trj]. If it wasn't the culprit, I wonder what else could be. I am scanning both my macs just in case, with extradoses of antiviruses. I haven't found much so far (apart from the abovementioned trojan), but it's good for my peace of mind.
     
  15. Guiyon, Jul 2, 2013
    Last edited: Jul 2, 2013

    macrumors 6502a

    Joined:
    Mar 19, 2008
    Location:
    North Shore, MA
    #15
    Just because it find something doesn't mean you're infected. You can pick up a surprising amount of crap in your cache just from regular browsing. In addition, most virus scanners use a signature database that is unified across platforms; if the signature matches, the scanner will report a match regardless of whether the program is able to execute or not. It doesn't help that the scanners are tweaked to report a maximum number of critical warnings. For example, running scanners on a typical Windows systems will report a *huge* number of "infected" cookies when most of them are simply tracking cookies that, while not being something you want on the system, aren't going to really do anything.

    tl;dr: take everything malware scanners report with a grain of salt. If you don't know what you're looking for, they are akin to randomly searching WebMD; you start out with the sniffles and end up with brain cancer.

    Edit:
    Looks like your "trojan" is HTML/Bankfraud.gen. Avast has basically identified a known phishing email. It's completely harmless as long as you don't click any links and then enter whatever sensitive information they are asking for.
     
  16. macrumors 68000

    Joined:
    Dec 29, 2006
    #16
    Evidently there are scanners that can read your card in your pocket. The perps hang out where people gather. Mine was I am about 90% sure was scanned at Seaworld.

    BofA detected the suspicious activity, attempts to buy iToys in another state.
     
  17. lobomarunga, Jul 2, 2013
    Last edited: Jul 2, 2013

    thread starter macrumors newbie

    Joined:
    Jun 26, 2013
    #17
    Which I of course didn't. I am not saying that *that* trojan must be the one that infected my system. As you said, I might not even be infected. I am just trying to clean my system(s), since I actually got scammed and I am trying to figure out what happened and if it happened through my computer. But as you said earlier, they might have stolen my credit card details in a variety of ways, i.e. not through a virus/malware/trojan and I do appreciate your sensible advice not to stress too much over it.
     

Share This Page