A good amount of money has been stolen from my bank account bypassing the double factor authentication.

Sure, the phishing attack was the key event. But how did they get the CVV from the back of the card??? That question is puzzling me! Because it suggests a browser hack on freebsd, and reading the CVV from the browser history. He said he never did any bank website transactions on the phone, only on freebsd pc. So maybe the hackers have been targetting him for some time... in multiple stages... ? Well, I'm just making guesswork...
that question is a puzzle; how did they get the CVV?
 
blackbird9 said:
Going back to trying to use secure DNS to protect against being directed to spoofed websites, I found this interesting forum thread on using Tor to provide DNS service, in place of cloudflare, quad9 etc (at least, I think that's what she is suggesting). Quite interesting, I haven't tried this, I don't know anything about tor, or how advisable doing this would be. Perhaps it provides an alternative to things like cloudflare though, if cloudflare is suspect.

S

Thread 'How to make local_unbound using DNS from the tor network, which is heavily encrypted.'

By following these instructions, is possible to obtain an encrypted DNS connection for internal local network or local computer running FreeBSD. The local_unbound package allows to hash DNS queries on the local machine, this prevents DNS from querying the site addresses, which is another security feature.

What is needed:
Computer with local unbound package. It is installed by default, so is not nessesy to install it.
TOR package

First, we install the tor package
Code: 
 pkg install tor

Because tor requires a packet filter to operate, and most importantly, it checks the permissions...
  • Like

Does anyone have any views on whether doing this would be a good or bad idea?
Click to expand...

I worked on the TOR configuration some years ago in this forum and I used it for some time...when I realized that it does not give a stable connection,I stopped using it.
 
_martin said:
I mentioned it now 3 times. Not all transactions require CVV.

But yes, this is Mario-styled thread :) There are more questions than answers.
Click to expand...

I read it. What I wanted to say is that,in my opinion,that choice does not protect well the customers,so the bank for me is responsible for this behavior. I can say that it does not act as a good family man.
 
I would ask the bank if they are prepared to provide any compensation. If they say 'no', then maybe it's easier to forget it. If you hire a lawyer to to fight the bank, it can cost a lot of money, especially if you lose. Or if you go "no-win, no fee" route, then the lawyer will take 90% of the compensation... :mad:
Of course it depends how big the stolen amount was... if he bought a brand new lamborghini with your card, then maybe it's time to fight :)
 
blackbird9 said:
I can't remember a transaction where they don't ask for it.... in UK, anyway. I guess it's possible though.
Click to expand...
I mean me too to be honest. Some don't require 2FA for sure but CVV was sent (name+card #+cvv). But I know some don't and I think I was suprised like this before.

But here only ZioMario knows what he was actually doing (hopefully) and what he approved by mistake.
 
blackbird9 said:
Or if you go "no-win, no fee" route, then the lawyer will take 90% of the compensation
Click to expand...
While thread says "good amount of money" I have a feeling it was not that much. Enough to get angry for sure but not enough to sue a bank.
One more "beer advice" I'll give -- consult this with a lawyer. 200-300EUR for consultation would be worth it if "good amount of money" is .. well, good amount of money.

In all seriousness -- just make sure you understand where you did mistake and how to avoid it in the future.
 
When you are busy working... in a rush... family comittments... sometimes you can't keep track of every detail, and things get through. Of course that is how the scammers win... :mad:. It's easy to miss something and then they have got your money.
 
You must log in or register to reply here.
Back
Top