magnumpi

Don't use the open wifi from that Tims anymore

And we're did u download Candy from? Was it Facebook or from ITunes or Google play store or what ever Android call it now? Candy Crush is known to have mirror copies with malware !!!

So i did I little more digging and it don't matter were u get these popular apps from, they still get you, the Android phones are more prone to the hack IOS less so

In case any Indian Android user downloaded Plants vs Zombies, Candy Crush or Super Hero Adventure from Google Playstore between November 24-30, 2013 and on November 22, 2014; then there is upto 74% chance that their Android OS has been infected with a virus.

This new, scary fact was revealed by ESet, which is an IT security firm based in Bratislava, Slovak Republic. As per their analysis and research, ESet discovered that hackers were able to install backdoor Trojan virus, malwares and other deadly ingredients directly into the ignorant victim’s smartphone using the official Google Playstore platform.

So if they did it back then then they can do it now !!!!

More reading

https://www.google.ca/amp/s/www.expr...?client=safari

So.... My wild guess is you are using a Galaxy Note or 7 running Android, the spam is add ware infecting your cell.! Good chance it's from the Candy App. If it was my cell I guess I would format it and start again. Malware is almost impossible to get rid of. Also ask friends if they have had any weird emails from you, if so, ask them to delete the emails

Alan2005

Top tips for not getting hacked:

1 - Use long easy to remember passwords everywhere (e.g. "cheese_and_pickle_sandwiches") or something. Don't bother trying to be clever with number/letter substitutions.

2 - Don't use a password in more than one place (this is how most people are hacked, their ashleymadison password is the same one as they use for banking)

3 - Enable 2 factor authentication wherever it is offered.

Alan2005

Man, I like your posts, but after reading the ones in this thread maybe you aren't the best person to be giving out IT security advice yeah?

magnumpi

Take all internet advise as is. And use open wifi if you like, to download all your free games, I don't mind, it was just my take on cyber crime.

I seen Mr Robot you know !!

https://www.google.ca/amp/www.howtog...?client=safari

Quote: “Don’t do your online banking or anything sensitive on a public Wi-Fi network.” The advice is out there, but why can using a public Wi-Fi network actually be dangerous? And wouldn’t online banking be secure, as it’s encrypted?

There are a few big problems with using a public Wi-Fi network. The open nature of the network allows for snooping, the network could be full of compromised machines, or — most worryingly — the hotspot itself could be malicious.

Alan2005

Maybe if your posts on the subject didn't read like you've just googled some random IT buzzwords.

Siouxie

Perhaps you have some words of wisdom for the OP regarding the potential for hacking when using free wifi and downloading keyloggers etc., as you seem to have knowledge of IT security?

Alan2005

I'm not. But i can tell when people are acting like man down the pub experts.

dbd33

This week I was contacted by someone I used to work with. We soon established that that was thirty years ago. A joke about her name is still my password for most things.

The problem with using a different one is that I will forget it, I can write it on the wall or email it to myself, neither of which are very secure, or I can deal layer upon layer of captcha when I try to log on. That typically results in me deciding that whatever I'm trying to access isn't that important anyway.

Rather than try to be secure, it makes sense to me to check for hacking reasonably often and, when there's an issue, to rely on the bank or credit card company's insurance.

Siouxie

Has it not occurred to you that they are just trying to help the OP?

Unless an IT expert, most of us would need to google.

There's really no need for mud slinging.

Alan2005

Sometimes bad advice is worse than no advice.

Without knowing the details of OP's situation it is impossible to give advice that is not generic and basically common sense. This doesn't involve scaring people with random stuff about trojans, viruses, malware, keyloggers etc.

If this was a medical question everyone would be telling OP to go to a doctor. They wouldn't be diagnosing AIDS.

Gozit

Sorry magnum, nothing against you, but i'm with Alan here. To specifically refute, however:

Honestly, this is good advice, don't use your banking app on open wi-fi. If you just want to check your balances or whatever, wait until you're at home or work or use your data. Its very easy for someone to sit across from you at the tims and siphon your data off of the non-password protected wifi network.

This isn't anything to worry about so long as you download it from the legit Apple app store or Google play store, there are no "malware" versions of Candy crush on either store. I don't see any reason why DandNHill would have gotten it from elsewhere. And besides, with android, installing apps from places other than google play requires you to enable a specific setting on the device. So I think its OK to rule this out.

Not really so if you just install apps from the official Play store, which 99% of consumers do just that. Nope.

My guess is the spam messages in the email account are a correlation, first step is to check the computer for viruses/spam, I suggest using Malwarebytes http://ninite.com/malwarebytes - and once the computer is clean (or from a second computer), change all passwords to email, online banking, etc, and don't use the same password on each account. Also get a new client card/credit card number from the bank.

HTH

scrubbedexpat091

My banking password is different from anything else as the bank requires exactly 5 numbers no letters or special characters. Pretty much every other website wants a lengthy password with numbers, letters, lower case and upper case etc.

I change my email a few times a year on average, or when google thinks someone has attempted to access my email, but it's usually the result of me not turning off the VPN it seems.

ATM card pin has been the same since the 90's, its only used on the card and nowhere else.

Most of the month the bank has 0 dollars in it, so any thief would be disappointed for the most part, only a few hours a month there is any money actually in there.

I haven't had any banking fraud since the early 00's and that time it was still when merchant receipts for credit and visa debit printed the entire account number and expiry date on the receipt still, and the thief was an employee at the last place I had used the card, the dork used the number at his workplace literally 20 mins after I was there so was easy for the bank to solve, but it tied up all my funds for 2 weeks, which was very difficult.

DandNHill

I doubt I would have used the bank app when at Tim's. I only use their wifi so I don't use my data while there for looking up stuff on the net. Certainly if I had it would be several months ago.
Links JS mentions nobody can steal from his account because there's no money on it, the only reason they took $480 was because there was only $491 in total on that account. I use it for my daily/weekly spending and have another account for bill payment etc.
About ten days ago I was getting a lot of spam which I don't usually get. I wonder if that was connected. But the worrying thing to me is how they managed to get through a password and a pin. The three secret questions have answers that even my husband who knows most things about me wouldn't be able to answer. Then they sent the interac to somebody who has an almost identical name to a friend of mine with whom I exchange emails.

It's scary what these criminals can do. I had a very hard time dealing with it on Tuesday. I felt very vulnerable but I'm over it now and just waiting for the bank to give me my money back. Will I use Internet banking again? I don't know. It's so convenient but I don't want this situation to happen again!

magnumpi

Plenty of helpful people gave me medical advice when I was sick Allan, some not so great advice, most tried to help tho, and that advice led me to the emergency room, soon after I had my heart fixed up and unblocked.

I took some advice and ignored others. It's the internet that's how it works.

Read, think, use common sense and ignore what u think is crap

So knowing what we know now it looks like it may have been a phishing email and the OP has changed passwords since so all is good now :@)

not2old

something to be learned from the above

I'll take magnumpi's 'helpful' advice with his 'LMGTFY' infomation & that from others (discard what I don't think is relevant) to say that I will never ever use a smart phone, or take my computer to do anything personal on it in a wi-fi public place, that I will never shop on-line, do any 'stupid gaming' or 'App downloads' & definitely 'never do on-line banking', because if I did I would know from this thread that there is a chance that I could get hacked.


.

What an eye opener eh!