Posted: Sat Jul 24, 2010 12:28 am Post subject: Online stock trading account violated - twice
I apologize if I am in the wrong place to ask this question, but I am having trouble finding security advice online that applies to this particular problem.
A close associate of mine makes his living trading stock. He does so online from his home. Several weeks ago, an unauthorized person accessed his account. The trading company caught this, evidently because the attempt came from a known malicious IP address.
My associate already had normal home computer security measures in place (antivirus, firewall). However, he took the following additional measures after this unauthorized access. He bought a new computer on which he now does nothing but trading. This is firewalled and has an antivirus program. The computer is directly connected to his cable modem. He does not have a home network, wireless or otherwise. He closed his old account and opened a new one (i.e. new account number). His password is a random series of numbers and letters (as it was before).
Yesterday, his new account was accessed. I do not know if this was from another malicious IP address or not. I also have no idea what the geographic location of the IP address is.
My question is - does anyone have any idea how this could have happened other than just bad luck? The trading company did have a security breach several years ago that divulged a lot of personal information about the clients of the site. However, without a password, none of this information would help someone gain access to an account. Plus, they would have no way to now associate that old information with a new account.
My associate is afraid to set up a new account, lest it simply be breached again. Any help/advice as to how to prevent a repeat of the same problem is appreciated.
Was the last computer connected directly to the modem like this one is? Once the bad guys have your IP address and a way in, it doesn't matter much what the computer is running. My suggestion would be for your friend to invest in a router with good firewall capabilities in addition to the software firewall his computer is running already. Oh, and also him signing up and posting a log in the HiJackThis forum just to be sure nothing is actually wrong with his new system as well.
Actually, I erred in my description. He does have a router. There are just no other computers attached to it.
What would be the "way in" for the bad guys? Is it something (a program, virus, keystroke logger, etc.) on the computer that is not detected by anti-virus, anti-spyware, firewall security measures? How can we find and eliminate this "way in"?