Go Down

Topic: This is the month of fraud prevention, lol (Read 5991 times) previous topic - next topic

Nick Gammon

I got this email:

Quote

Due to our recent security updates and several fraud attemps in July ( month of fraud prevention ) we find it necessary that you should verify your account details that we have on file to ensure that your online service is not interrupted.

We request you to confirm and update your information today

Yours sincerely,
Westpac Banking Corporation


Note "attempts" is misspelt. Also the email was sent in August, rofl.

Hovering the mouse over the "Confirm your account" I see that the link goes to "XXXgirleuphoriaXXX" (part redacted). Somehow I don't think the Westpac Bank has outsourced its account confirmation to something to do with "girls" and "euphoria".

Rather cunningly, they advise you to beware of phishing attempts:

Quote

How do I know this is not a Spoof email? Spoof or 'phishing' emails tend to have generic greetings such as "Dear member". Emails from Westpac will always address you by your e-mail or first and last name

Please post technical questions on the forum, not by personal message. Thanks!

More info:
http://www.gammon.com.au/electronics

liudr

There's plenty of stupid people ready to fall for it that's why these apparently phony emails still make their rounds. They can't keep sending these emails on purely evil thoughts. They need to get paid, right?

radman

What worries me is hacked credit card readers that can read the magnetic stip and the pin you input.

Even worse are the contactless cards that are being issued. At least at present I have to take my card out of my pocket and stick it in something. How do others feel about them?

Drew Davis

My favorite scam is the FBI one... So fake! I can't believe people fall for it!


http://www.pcrisk.com/removal-guides/6772-remove-fbi-your-computer-has-been-locked-scam

CrossRoads

I find it funnier to get phishing e-mails for banks I don't even have accounts with 8)
Designing & building electrical circuits for over 25 years.  Screw Shield for Mega/Due/Uno,  Bobuino with ATMega1284P, & other '328P & '1284P creations & offerings at  my website.

liudr

There was a recent discussion sparked by a surveillance video of car thefts possibly against the new keyless systems (RFID type) I used tin foil and that still didn't block the transmission.

Nick Gammon


What worries me is hacked credit card readers that can read the magnetic stip and the pin you input.

Even worse are the contactless cards that are being issued. At least at present I have to take my card out of my pocket and stick it in something. How do others feel about them?


A local shop sells little metal containers you can put your cards into. :)

But those contactless gadgets have a short range, and for them to do much the shopkeeper would have to have rung up a sale just as you walked past it.
Please post technical questions on the forum, not by personal message. Thanks!

More info:
http://www.gammon.com.au/electronics

Nick Gammon


I find it funnier to get phishing e-mails for banks I don't even have accounts with 8)


Yes, and that applied to me in this case. I don't bank with Westpac. It's slightly more believable when it's from your actual bank, or eBay.
Please post technical questions on the forum, not by personal message. Thanks!

More info:
http://www.gammon.com.au/electronics

radman

Quote
There was a recent discussion sparked by a surveillance video of car thefts possibly against the new keyless systems (RFID type) I used tin foil and that still didn't block the transmission.

liudr, you lost me a bit are you saying you used tinfoil and it did not block transmission ?

liudr



What worries me is hacked credit card readers that can read the magnetic stip and the pin you input.

Even worse are the contactless cards that are being issued. At least at present I have to take my card out of my pocket and stick it in something. How do others feel about them?


A local shop sells little metal containers you can put your cards into. :)

But those contactless gadgets have a short range, and for them to do much the shopkeeper would have to have rung up a sale just as you walked past it.


Not necessary. They can pick up your signal and transmit it to a different shop miles away and retransmit it to that shop so they thought you were there. They can do this with a car already.

http://hackaday.com/2013/06/05/ask-hackaday-how-are-these-thieves-exploiting-automotive-keyless-entry/

I found a research paper on this topic. Authors were able to "steal" the cars by picking up the key signal, transmitting it to a receiver and resending it to the car. The car thinks the key is near and grants access.

liudr


Quote
There was a recent discussion sparked by a surveillance video of car thefts possibly against the new keyless systems (RFID type) I used tin foil and that still didn't block the transmission.

liudr, you lost me a bit are you saying you used tinfoil and it did not block transmission ?


Only stopped me from opening my trunk. I was able to get in my car with my key fob in my pocket wrapped in tin foil.

tmd3

I used tin foil and that still didn't block the transmission.

Hmmph.  Guess I don't need this anymore, then.

radman

Quote
Only stopped me from opening my trunk. I was able to get in my car with my key fob in my pocket wrapped in tin foil.


So a Faraday Cage is only a Faraday Cage if the metal structure enclosing the area is also earthed?
Is that correct? What is the definition of a Faraday Cage? Does such a Cage not also block radio frequencies?

Nick Gammon


Not necessary. They can pick up your signal and transmit it to a different shop miles away and retransmit it to that shop so they thought you were there.


Yes but the contactless card don't transmit. They are RFID-style cards, right? There is no signal to be caught and relayed.

http://en.wikipedia.org/wiki/Contactless_smart_card

Quote

A contactless smart card is a card in which the chip communicates with the card reader through an induction technology similar to that of an RFID (at data rates of 106 to 848 kbit/s). These cards require only close proximity to an antenna to complete a transaction. They are often used when transactions must be processed quickly or hands-free, such as on mass transit systems, where a smart card can be used without even removing it from a wallet.


And:

Quote

It defines two types of contactless cards ("A" and "B") and allows for communications at distances up to 10 cm (3.9 in)


More than 4 inches from a cash register and you are OK. Plus, it would need to be subverted somewhat to ring up a sale without you noticing. Heck, if the shop is that dishonest you probably have other problems.
Please post technical questions on the forum, not by personal message. Thanks!

More info:
http://www.gammon.com.au/electronics

thepenguin


Quote

It defines two types of contactless cards ("A" and "B") and allows for communications at distances up to 10 cm (3.9 in)


More than 4 inches from a cash register and you are OK. Plus, it would need to be subverted somewhat to ring up a sale without you noticing. Heck, if the shop is that dishonest you probably have other problems.


I would imagine this is just a factor of getting a bigger antenna, but feel free to correct me on this.
The Three Laws of Thermodynamics:
1. You can never get ahead, you can only break even.
2. You will only break even at absolute zero.
3. You

Go Up