I have been using Arch on two machines for some time. I recently found out from my bank that my online account has been suspended because it was accessed by a known fraudulent device, and that I need to change my email password and run a virus scan on all of my computers. I would think that it is more likely that my email account has been hacked than my computer itself, but I still want to check.
What would be the best way to either verify that my computer is clean or find an infection if there is one?
I will, of course, pay more attention to security from now on.
Offline
That's bad news. I would contact my bank directly and make sure of all issues, even in person or via a known direct line.
Edit: don't use any links, and check the address of the email and report/spam it if necessary.
There are false positives to such checks as well; check the device and how you connect to what they have.
I don't see how this applies to any OS directly, though. There could be a lot of ways this could happen. What do you know?
Last edited by bleach (2015-06-09 01:19:22)
Offline
There was no email. Online there was no information regarding the problem, just that there was one. All of the information I got was over the phone, after verifying my identity, talking to several different people in order to try to get more information, but they all read it off of the same screen.
My interpretation is that someone got login information, and they think that that person may have gotten it by infecting my computer through a keylogger or something, or somehow through my email (I don't know how that's even possible), although I have no way of knowing since they won't give me any useful information.
It could be a false positive, but I, for one, want to make sure, but I don't know how to do that, not specifically anyway.
Offline
I would keep an eye on my account in that situation, change the password, and be careful of email. Emails from banks are always just info (there is no "go here, do this" or anything); for security, remember that. It sounds like a false positive to me, but you would know better, and your bank can only give some info. Also, if worried too much, change your email. Keylogger? Unless it's hardware, check outgoing connections, but I doubt it on both fronts. Then again, I don't know your "absolute" situation.
Offline
No, you don't understand. There was no email. When I went to log into the web site, it told me my account was locked! I thank you for your advice for avoiding phishing scams. It is very good advice that not enough people follow, but not relevant to the situation.
All of that aside, even if this is a false alarm, I still want to make my computer more secure, both by checking to make it more difficult to compromise in the future (there is a lot of very practical advice that I intend to follow in the near future on the Arch wiki), and making sure that it hasn't already been compromised, which given my circumstances is a real possibility (there is not a whole lot of information about this on the wiki; this is what I want help with, since if the intruder is already here, it doesn't matter how much I bolster defenses).
Offline
Have you made sure that email itself isn't a fraud?
I've been receiving such emails like a dozen times a month - all fraud attempts.
Just saying, never click on a URL provided in emails!
EDIT:
Doh, should read all before posting.. sorry.
EDIT2:
One option would be to check all services running, and make a list of services you don't know or cannot identify.
EDIT3:
Another option for this warning could be if you're using a laptop, and your last connection was made from a place you're usually not connecting to your bank from.
They logged the IP and figured it's not the same range as usual - giving you that warning.
Last edited by esa (2015-06-09 10:16:27)
Offline
So, if someone could, you know, actually address the question I'm asking, that would be great... (to be fair, the service answer is slightly helpful, but definitely not complete)
Offline
You can use `pacman -Qkk` to verify installed packages. It will have a few false positives for permissions, but that's okay. You could also try installing rkhunter. If you didn't install any software other than through pacman, that should be enough.
Offline
Try this:
Boot from an Arch install ISO
Set up networking & set a mirror for pacman
Use pacman to install rkhunter & clamav to the install environment & run them
Of course you could also use a live distro like Knoppix for this.
Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.
(A works at time B) && (time C > time B ) ≠ (A works at time C)
Offline