Wide wholesale banking system after an upgrade,fake hollister,http://www.joke88.com/home.php?mod=space&uid=145356, in Beijing, Shanghai and other places have had 12 cardholders suffered a similar online banking theft. Online criminals are modifying their reception "Dynamic authentication code" bind phone number after false fraudulent. Senior hacker said that this series of cases shows that wide wholesale banking system vulnerabilities may exist. Reporter survey found that, in comparison to other online banking, wholesale silver wide customer information is more likely to be false modified.

Reporters learned that morning, some stolen brush cardholders were asked to sign a "foreign secret" agreement, Guangdong Development Bank has for them "paid in advance" of the amount stolen brush. GF staff said the move does not mean the bank there is no fault.

Fraudulent incident

Wake up stolen brush

Yip told reporters that he used to handle organ before going to sleep.

July 4 in the morning,abercrombie boys jeans, wake up Yip open the phone, five customer service message from Guangdong Development Bank 95508 let him surprised.

The first message displayed his credit card spending 2,peuterey benson giubbotti uomo peuterey prezzi,000 yuan. The second is "insufficient credit card balances tail number 4497, the transaction failed." Behind the three messages the same content, "tail number is 1194 credit card is valid input error, the transaction failed."

"SMS is send one or two o'clock at night,http://www.mlxydc629.com/forum.php?mod=viewthread&tid=605713&fromuid=45032, I was fast asleep, stolen credit card is definitely brush." ​​Mr Yip said.

Yip introduced after May 20 GF banking system upgrade, online banking payments are no longer using a password, replaced by a mobile phone dynamic verification code. Customers spending more than 100 yuan each, bound phone number will receive dynamic verification code to online confirmation.

Mr Yip said: "It is curious that fraudulent conduct by online banking, but my phone did not receive dynamic verification code to the bank's customer service after I, the other replies, verify the text messages sent to a phone number beginning with 138. on. "This is Beijing numbers, Mr. Ye call in front of reporters, but unable to connect.

QQ similar rights 12 people were fraudulent

Guangdong Development Bank in the process of negotiations, Mr. Ye found a broad brush by issuing stolen QQ group consisting of. There are 11 people in the group and he has exactly the same experience, we are in wholesale banking system wide upgrade shortly after re-enter personal information stolen brush. They come from Beijing, Shanghai, Guangdong, Zhejiang and other provinces, the total amount stolen brushes preliminary statistics have 5 million yuan.

Through communication, we found that their cards are E-Commerce Co., Ltd. in Shanghai,http://e-learning.tsu.ge/login/index.php?item/create_form/1, IPS paid brush stolen, stolen funds on the platform have been transferred to the third party Teng Chi planning company.

12 people, in addition to Mr Yip phone dynamic verification code is modified to 138 at the beginning of the phone number, the remaining number of people have all been modified to specific numbers beginning with 159, and the numbers are for Beijing.

IPS by Shanghai companies Reporter Tang Chi planning to get a company statement,air max one yeezy nike air max homme noir, saying also a victim of fraudulent person is their a member, has been unable to contact them, their accounts have been frozen.

Wrong card statement cited dissatisfaction with the main bank

Mr Yip said that when they reflect the situation in the Guangdong Development Bank, their call center staff said brush stolen credit card on the Internet, is likely to be the customer's own personal data leaked information and passwords, "either by an acquaintance to steal information , or is on a phishing site or a Trojan virus when. "cardholders have expressed dissatisfaction with this argument.

"Banks always said stolen brush responsibility upon us, that we did not take good care of the password, do a bit of responsibility GF would not it?" One Wang said. He told reporters that his computer installed 360 security guards,air max 90 solde nike air rift, bodyguards, and other online shopping antivirus software, he is regularly updated note, police say there has never been a computer Trojan. "I'm online shopping for six years, ICBC, China Merchants Bank, Bank and other banks have online banking, and the last two months have used, even if the computer is kind of a Trojan horse, why nothing else online banking, issuing only broad brush stolen it?"

Questioned loopholes

After upgrading to improve data theft response

Yip told reporters in early May of this year, Guangdong Development Bank informed through SMS, announcement and other forms of cardholder, the bank online banking service will be suspended at 23:00 on May 20 to 12:00 the next day, a comprehensive upgrade, asked to fill out incomplete data before cardholders perfect "personal data", including content behind a card expiration date and card verification code three and so on.

July 2, Yip login online banking, the tail number 4497 ​​credit profile had a "perfect" on the tail number of 1194 cards do not deal with. "So-inch card two days 'perfect' after stolen after brush." ​​Mr Yip said. The other victims also have similar experiences and Yip.

Personal information disclosure vulnerability exists easy

Proficient website system, a senior hacker fish (a pseudonym), said the situation from the perspective of stolen brush cardholder reflect their personal information is a great possibility that hackers use Trojans or phishing sites. But he also pointed out that this also shows a wide wholesale silver system loopholes.

Fish said, "In fact, any online banking system has loopholes,http://www.taoshouyou.com/home.php?mod=space&uid=102337, because the system is designed for people, it will inevitably have a variety of defects, so the bank will continue to carry out upgrades to improve the safety performance of the system, but many people at the same time because For the same reason encounter fraudulent, indicating that the bank online banking vulnerabilities may be more obvious, serious, while it is also used by hackers to find and loopholes. "

Fish further analysis, this case is actually from the series also exposed Guangdong Development Bank online banking system on a phone number to modify the binding problem, there is a security risk, because it does better than other banks to set reasonable and safe.

Reporters investigating the bank with the largest U Shield

Just received a reader broke the news, the reporter then call the GF customer service, ask how to modify receive dynamic verification code phone number. The other answer, except to the counters, it can also log in directly to a wide wholesale silver modified.

(Refers to the validity of the card and card verification code behind three): in both cases the specific points before setting off "privacy issues", the correct answer can be modified; not directly modify settings. After re-fill data validation message will be sent to the new phone number, enter the verification SMS, phone number changed successfully, the original phone number will not receive authentication information.

Fish believes that this set looks safe, but once the system is vulnerable to be hacked,veste moncler, customer information is stolen,http://music.wut.edu.cn/bbs/forum.php?mod=viewthread&tid=1268333,air max classic nike air max classic, the so-called "private issue" no longer "private",offerte hogan donna outlet toscana hogan, difficult to play a security role.

Yep suspected criminals is the "cottage" of the dynamic verification code to receive fraudulent phone number, his cell phone but not receive SMS genuine,jordan flight 45 high site de air jordan pas cher, "phone verification Off" out of order.

Reporter After investigating a number of banks found that most of the bank's online banking using ukey (one connected directly to the computer via USB, with password authentication function of storage devices, such as ICBC U Shield) as the security.

China Merchants Bank, although the use of dynamic authentication code, but its customer service, said, change the mobile phone number can not be verified through online banking, can only be modified at the counter.

The latest progress

Connect the phone to update the record set reminders

This reporter recently Login wide wholesale silver official website found that online banking has introduced a new security model. Online banking customer service told reporters, because the original system security level is not enough, have modified some of the safety content.

Under the new system, you want to modify receive dynamic verification code phone number, to be first in line to fill the original phone number, online banking will send a verification message to the number,mulberry alexa sbn second hand mulberry, after successfully received and verified the contents correctly filled out online before the number change to the new number. Meanwhile,http://www.haina263.com/forum.php?mod=viewthread&tid=489869&extra=,moncler verona piumino moncler outlet, the new network login system with silver SMS alerts, when you log in to the online banking system will automatically record the phone to send a notification message.

Lose money paid in advance to sign a confidentiality agreement

September 20, the number of victims, told reporters GF Bank has responded to their questions reflected, asking them to sign a "paid in advance" agreement,moncler spaccio aziendale moncler originale,http://bbs.212gm.com/forum.php?mod=viewthread&tid=13873, then the amount will be refunded to the fraudulent them.

But the agreement attached confidentiality clause, asking for a refund of the customer "kept secret", and may not be agreement.

Reporters learned that morning, there are already some people get a refund.

It is reported that Guangdong Development Bank has set up a task force over this mass theft investigation.

Cardholders Mr. Jiang told reporters that he found the online banking theft report, Dongcheng police criminal case now, the police are investigation.

Reply GF advance does not mean wrong

Yesterday afternoon, the reporter called the Guangdong Development Bank Public Affairs asked the matter, officials said wiring to reply later. Then, call back, said a female staff member, will make the evening a written reply. As of press time, but when reporters the morning, do not receive a written reply. Reporters once again call the relevant departments, to get "Yesterday handle this person is not, have to ask," the answer.

In yesterday's interview negotiations, the female staff mentioned that although banks have been on the part of the victim "paid in advance", but that does not mean that the bank there is no fault. "Paid in advance" for the special problems of emergency treatment in emergency situations. "If the investigation to the end, found that the bank is not a problem, the money we will have to come back again." She said.

Lawyers say

Online banking theft cardholder rare compensation

It is reported that after Beijing, there is no court ruling Bank online banking theft liability precedent.

Courts generally believe hackers savers personal information through the kinds of Trojans, are "for personal reasons lead to information disclosure,http://bbs.ydmsw.cn/home.php?mod=space&uid=272691," depositors should bear the adverse consequences. Depositors if banks can not provide evidence of the existence of fault, the bank is not liable.

Beijing lawyer Liu Lin Lee double that because of limited professional capacity, so that savers and lawyers to prove that there are loopholes in the online banking system, simply can not do. Many lawyers also expressed similar views.

Reported stolen in different places can apply to

Liu Lin believes that met online banking theft, the cardholder should report for the first time, and then negotiate with the bank. "The earlier detection, the greater the likelihood of stolen money recovered directly from the hands of criminals to return the money, than money from the hands of banks much easier." He said.

Liu Lin told reporters, according to the public security jointly issued "on the credit card fraud criminal jurisdiction issues related to notice" on the credit card fraud after stealing, buying and other illegal means to obtain credit card information to others for use in different places, the cardholder may be in the credit card apply to the public security organs. That cardholders do card in Beijing, foreign criminals were fraudulent online, you can report directly to Beijing.

Text / reporter to pay the intern Wang Xiaofei