encryption, and password managers

[xwrench3]

 i am not sure if this is the correct place for this post, so if its not, please move it, and thanks. so last month, i had the wonderful misfortune of having my debit card information stolen, along with $400.00. and this Saturday, i received a notice of denial (thankfully) for a credit card application, that we did not apply for. since we have not been broken into at our residence, i can only assume that this came about thru our online activities. other than the general meaning of the word, i really know nothing of how to do it, or what its limits are. can i encrypt my email? all of my online wandering? ebay? etc. also, i know that my browser stores my passwords. is that safe, or am i better off with a downloaded program? any help would be appreciated.

[Pokemoneuro]

I use LastPass. Every time I sign up for anything I use the random password generator from Lastpass. They encrypt well and it's pretty easy to use. There are loads out there, but I only have experience with LastPass, which is what I'd recommend

[PeachyUwUSenpai]

6 minutes ago, xwrench3 said:

 i am not sure if this is the correct place for this post, so if its not, please move it, and thanks. so last month, i had the wonderful misfortune of having my debit card information stolen, along with $400.00. and this Saturday, i received a notice of denial (thankfully) for a credit card application, that we did not apply for. since we have not been broken into at our residence, i can only assume that this came about thru our online activities. other than the general meaning of the word, i really know nothing of how to do it, or what its limits are. can i encrypt my email? all of my online wandering? ebay? etc. also, i know that my browser stores my passwords. is that safe, or am i better off with a downloaded program? any help would be appreciated.

have you called and alerted your bank?

[PeachyUwUSenpai]

also if it was stolen via say a rat non of that would help and would serve it up on a golden platter. you may want to run some avs and go try to figure out how it was taken also sometimes there's skimmers that also could have taken it. or sketchy stores 

[SomethingOrOtherThing]

Don't remember reading any news in the recent years of browsers getting hacked massively and passwords leaking.

 

I strongly suggest two-factor authentication. On everything that offers it.

Also - why the hell don't you already have a requirement to confirm any online transaction via a code sent to SMS? It's mandatory where I live. Ask if your bank offer that service.

 

I use KeePass, and don't save the web banking password through the browser, rather re-visit the software to get the pword than risk.

 

[Donut417]

16 minutes ago, xwrench3 said:

 i am not sure if this is the correct place for this post, so if its not, please move it, and thanks. so last month, i had the wonderful misfortune of having my debit card information stolen, along with $400.00. and this Saturday, i received a notice of denial (thankfully) for a credit card application, that we did not apply for. since we have not been broken into at our residence, i can only assume that this came about thru our online activities. other than the general meaning of the word, i really know nothing of how to do it, or what its limits are. can i encrypt my email? all of my online wandering? ebay? etc. also, i know that my browser stores my passwords. is that safe, or am i better off with a downloaded program? any help would be appreciated.

Credit card scimmer. It's a fucking issue here in the Detroit area. They get them on ATMs and Gas pumps. You slide your card and they have the info. Or some on at a store could have gotten the info wirelessly. 

 

You can change your passwords. Hopefully your bank is parinoid like mine and stops charges it feels are suspect. 

[PeachyUwUSenpai]

in most countries banks legally have to refund you as long as you report it fast enough and some even do more than legally required 

[xwrench3]

the money that was stolen was refunded by our bank. thankfully. / i have read and heard about credit card skimmers. but i dont think i have ever seen one in real life. i am pretty paranoid, so i "think" i would notice something out of the ordinary. the one thing i did learn was that the money was stolen by someone in China. i had placed 2 ebay orders using my debit card via pay pal in china in the same week. but of course pay pal says it was not them. the really fishy part about that mess was that the money was taken buying $100.00 itunes cards, which was the advertiser at the time on pay pal. 

33 minutes ago, Alaradia said:

also if it was stolen via say a rat non of that would help and would serve it up on a golden platter. you may want to run some avs and go try to figure out how it was taken also sometimes there's skimmers that also could have taken it. or sketchy stores 

dude, about half of this is encrypted to me. i am OLD!  at least compared to most of the people here. i am 60, when i graduated high school, there was no such thing as a personal computer or the internet. what i know about computers i have picked up via the school of hard knocks. 

 

35 minutes ago, FIXXX said:

strongly suggest two-factor authentication. On everything that offers it.

Also - why the hell don't you already have a requirement to confirm any online transaction via a code sent to SMS? It's mandatory where I live. Ask if your bank offer that service.

 

I use KeePass, and don't save the web banking password through the browser, rather re-visit the software to get the pword than risk.

i have no idea how to implement any of this. the one thing that i know i do correctly is not store my bank or card info anywhere but in my head. well, that and in a 3 1/2" floppy drive that is only connected to the computer when i need to add or access something. 

[SomethingOrOtherThing]

Just now, xwrench3 said:

i have no idea how to implement any of this. the one thing that i know i do correctly is not store my bank or card info anywhere but in my head. well, that and in a 3 1/2" floppy drive that is only connected to the computer when i need to add or access something. 

Just ask in google. "How to activate two-factor authentication in [insert service]".

Most will use the generator of PIN numbers you can get from Play Store or whatever. Just check on google and you'll see what it does. Not complicated.

 

Just so you understand the basics - whenever a login session is initiated to a service it will ask for a PIN which you get from the application on your phone. Older services may just send a key to your email. But the point is the same - create another wall between your service and the person, not just the password.

[PeachyUwUSenpai]

6 minutes ago, xwrench3 said:

 

dude, about half of this is encrypted to me. i am OLD!  at least compared to most of the people here. i am 60, when i graduated high school, there was no such thing as a personal computer or the internet. what i know about computers i have picked up via the school of hard knocks. 

 

a rat stands for a remote administration tool think of it like teamviewer but also has a keylogger and will take all your passwords off your browsers as well and gives them full digital access to your computer and you wont know its thier. avs meant antiviruses because if you were infected you may still be so your cards will just be stolen again. also skimmers are meant to not be noticed it could also be a sketchy convenience store that has a camera looking at the terminal. also the itunes isn't really that fishy it's a way of cleaning the money since they can sell the itunes gift cards on the internet and that would then make it clean money

[Guest]

Don't forget that information used to apply for credit cards can come from paper documents, too, most likely. 

 

Even chucking Amazon boxes and what not straight in the bin gives them your name and address right off the bat, other packaging phone number, other even email address which they can collect and collate to use for identity theft. 

[xwrench3]

so how do i find, rather what program should i use to find r.a.t.?  as for the skimmer thing, i never thought about a camera looking at the card and me punching in pin. there are SO MANY cameras, it makes me thing we need a different way of electronically purchasing items. 

[Donut417]

1 minute ago, xwrench3 said:

so how do i find, rather what program should i use to find r.a.t.?  as for the skimmer thing, i never thought about a camera looking at the card and me punching in pin. there are SO MANY cameras, it makes me thing we need a different way of electronically purchasing items. 

This is why I'm happy the US went with the cards with the chips. This is also why you use credit cards at iffy stores. They tend to have better protections.

 

Online wise use PayPal or Google Wallet. As they don't give out credit card details.  

[xwrench3]

do i have a mis understanding of these chips on cards? are they not rfid chips that can be scanned while they are still in your wallet? 

[Donut417]

13 minutes ago, xwrench3 said:

do i have a mis understanding of these chips on cards? are they not rfid chips that can be scanned while they are still in your wallet? 

No. Cards are inserted chip side in to machines now. Then you put your pin in for debit. Or sign for credit. When you slide your card the magnetic info can be read if someone is standing close. Which is the reason for the new chips. 

 

In the UK it stopped card theft by like 70% from what I read. 

[xwrench3]

ok, that is what i heard from somebody in my age bracket.  i have young teen kids, but they are to wet behind the ears yet to know what is going on in the real (corrupt) world. 

[LogicalDrm]

8 minutes ago, xwrench3 said:

ok, that is what i heard from somebody in my age bracket.  i have young teen kids, but they are to wet behind the ears yet to know what is going on in the real (corrupt) world. 

You are mixing NFC with microchips. Or someone replying here is. NFC reads automatically when card touches reader. It speeds payment process and is kinda good thing in general. But there have been cases where harmful device has read card from pocket. Banks should have limits for NFC payments, you can ask from yours how big limit it is. Here common one is €25 per swipe. If you are paranoid type, there are cases for cards that block signal all together.

 

Personally I don't have NFC enabled card and won't get one anytime soon. I have app on phone which uses NFC payments if I ever want to try it out.

 

Emails are encrypted by default. Unless your account or other party's account is breached, no outsider will see those. Same goes with payment info you give for online stores. In general. Be careful with those though. Some sites aren't as trustworthy and could slip info to third party. I've had that issue and renewed my card as result. I would recommend making PayPal account if you are using less known sites, or even eBay. It adds bit more security as you aren't giving your card info everywhere. Just using PayPal as money handler.

[Ithanul]

3 hours ago, Donut417 said:

This is why I'm happy the US went with the cards with the chips. This is also why you use credit cards at iffy stores. They tend to have better protections.

 

Online wise use PayPal or Google Wallet. As they don't give out credit card details.  

Yep, Credit Cards not Debits.  Major rule of thumb I go by, especially while I am overseas.

 

Another rule, never, ever save bank, stock accounts, insurance, etc. passwords with the browsers nor password manager.  Yes, it is a pain, but better safe than sorry.

 

Plus, as others have said.  Set up two-factor authentication.  Also, most cards have it where you can setup it to notify you by text message of anything charged to the card.

[PeachyUwUSenpai]

5 hours ago, xwrench3 said:

so how do i find, rather what program should i use to find r.a.t.?  as for the skimmer thing, i never thought about a camera looking at the card and me punching in pin. there are SO MANY cameras, it makes me thing we need a different way of electronically purchasing items. 

run malwarebytes and hope that its a bad virus. but its more likely you got hit via the world not digitally