Can you really rob the stock exchange?
Sunday, May 18, 2014
, Posted by Ryanita at 9:57 PM
Rafe
I just watch The Dark Knight Rises and saw the scene where Bane stole money by hacking into the computers at the Gotham Stock Exchange can that really happen in real life?
Answer
We've all seen too many movies of someone hacking into a high security system with just a few clicks. It's pretty stupid of us to believe anything we see on TV; it's just entertainment. Without someone at the institution giving you their pass codes, it takes hours, maybe weeks of work, only to meet up with their software and hardware firewalls and tracking systems that leave your footprints all over the place. It just isn't done, at least not successfully. After hours of work trying to get through their security systems, several red flags are raised and security people are alerted long before you can do anything meaningful like withdraw or transfer money (which is going to require authorization by a top-level employee if for a significant amount), even if you manage to get in.
"Can you really rob a bank electronically?" No. Is it possible? Anything's possible. Can you get away with it. Not likely.
"Can you really rob a bank in person?" Sure. Will you get away with it? Not likely. About 99% of them get caught. Almost all of these bank robbers are lazy people that were never successful at anything else, so why would they be successful at this?
When you hear of someone getting robbed electronically, it is almost always a security breach of the individual person, not the bank. These cyber criminals are using a form of social engineering attack model combined with malware. Their favorite targets are large business customers.
Details abound on physical robberies of banks, but almost no data is released by the federal gov't on cyber crime.
Addendum
Just a little story for some fun.
I used to program and run mainframe computers in a previous life, so I'm very security conscious. About 10 years ago, I was trading forex and got the attention of a lot of people, maybe the wrong people that wanted to steal my algorithms.
I had one of the best hardware firewalls money could buy for an individual PC (not a network or mainframe), that cost about $1,500. The logging feature alerted me to some persistent hack attempts, but I didn't pay too much attention since they weren't getting anywhere.
I was in the habit of leaving my computer on all the time, 24/7. One Monday morning, I came to work and my computer was down. Not only that, I couldn't get online. I'm a computer genius, right, so I tried checking the firewall logs and connections, but it would not let me communicate with it. I am the master, and it was blocking ME. Fine, rebooted the hardware, and everything was back to normal, with a few exceptions. It required my logins for security control. This was weird, so I checked the logs.
A persistent hacker had been hacking away at my firewall all weekend. He gave up after six hours on Saturday, but came back and hacked at it for four hours on Sunday. The alerts had been sent to my computer, but nobody was there on the weekend. This hacker was good, and almost got in. The firewall saw that he was about to get through, knew it was an unauthorized entry, and alerted me multiple times, pleading with me to break the connection. At the last minute, just when the hacker was making real progress, the hardware firewall severed the connection to all outside sources and shut down my computer, requiring re-authorization to start again. The poor hacker wasted a whole weekend for nothing.
Needless to say, I don't leave my computer on over the weekend anymore.
Incidentally, the security system and multiple firewalls used by businesses and banks are a hundred times more complex than my little $1,500 hardware firewall. And theirs are monitored 24/7 by real people.
We've all seen too many movies of someone hacking into a high security system with just a few clicks. It's pretty stupid of us to believe anything we see on TV; it's just entertainment. Without someone at the institution giving you their pass codes, it takes hours, maybe weeks of work, only to meet up with their software and hardware firewalls and tracking systems that leave your footprints all over the place. It just isn't done, at least not successfully. After hours of work trying to get through their security systems, several red flags are raised and security people are alerted long before you can do anything meaningful like withdraw or transfer money (which is going to require authorization by a top-level employee if for a significant amount), even if you manage to get in.
"Can you really rob a bank electronically?" No. Is it possible? Anything's possible. Can you get away with it. Not likely.
"Can you really rob a bank in person?" Sure. Will you get away with it? Not likely. About 99% of them get caught. Almost all of these bank robbers are lazy people that were never successful at anything else, so why would they be successful at this?
When you hear of someone getting robbed electronically, it is almost always a security breach of the individual person, not the bank. These cyber criminals are using a form of social engineering attack model combined with malware. Their favorite targets are large business customers.
Details abound on physical robberies of banks, but almost no data is released by the federal gov't on cyber crime.
Addendum
Just a little story for some fun.
I used to program and run mainframe computers in a previous life, so I'm very security conscious. About 10 years ago, I was trading forex and got the attention of a lot of people, maybe the wrong people that wanted to steal my algorithms.
I had one of the best hardware firewalls money could buy for an individual PC (not a network or mainframe), that cost about $1,500. The logging feature alerted me to some persistent hack attempts, but I didn't pay too much attention since they weren't getting anywhere.
I was in the habit of leaving my computer on all the time, 24/7. One Monday morning, I came to work and my computer was down. Not only that, I couldn't get online. I'm a computer genius, right, so I tried checking the firewall logs and connections, but it would not let me communicate with it. I am the master, and it was blocking ME. Fine, rebooted the hardware, and everything was back to normal, with a few exceptions. It required my logins for security control. This was weird, so I checked the logs.
A persistent hacker had been hacking away at my firewall all weekend. He gave up after six hours on Saturday, but came back and hacked at it for four hours on Sunday. The alerts had been sent to my computer, but nobody was there on the weekend. This hacker was good, and almost got in. The firewall saw that he was about to get through, knew it was an unauthorized entry, and alerted me multiple times, pleading with me to break the connection. At the last minute, just when the hacker was making real progress, the hardware firewall severed the connection to all outside sources and shut down my computer, requiring re-authorization to start again. The poor hacker wasted a whole weekend for nothing.
Needless to say, I don't leave my computer on over the weekend anymore.
Incidentally, the security system and multiple firewalls used by businesses and banks are a hundred times more complex than my little $1,500 hardware firewall. And theirs are monitored 24/7 by real people.
Has any one else been suspicious with the way etoro accepts paypal payments? Is etoro a scam?
borris the
I recently made a deposit to this forex broker etoro (or e-toro) and my firewall gave me several warnings that a suspicious application (etoro) was trying to steal my details just as I was making a Paypal payment. If anyone gets my Paypal password, isn't this dangerous? Is etoro a scam? What do they need Paypal passwords for?
Answer
Yes I have experienced the same suspicion. Not sure if the whole company is a scam. They're not a regulated by any authority so I guess customers have to take their chances. I have been using etoro for a few months and am no longer a user for a number of reasons. Mainly their platforms instability which caused me to loose control of open positions several times and loose large amounts of money.
However regarding payment security, you are correct.. this is a very suspicious detail indeed. The important issue initially struck me as "strange" when I made my first deposit was that when the etoro application diverted me to Paypal (this was my chosen form of payment) it did it from within its own application and not in a browser like exlorer or mozilla. Companies that use https encryption always warn you to check the address url that you are on to make sure that your details (eg paypal info and password) are not being diverted and seen by a third party. Etoro is this third party and I was even more convinced as every time I made a deposit, Paypal would ask me to enter the password twice for no reason!! Futhermore my firewall (zone-alarm) and antivirus (avg pro) would throw warnings telling me of suspicious behavior and that a program was trying to access/record key-strokes on my PC!!! But being an etoro newbie in good faith, I continued t see what etoro was really about - taking one precaution - (to keep changing my Paypal password as it was clear that etoro was most likely recording it).
They never tried to make a fraudulent transaction from within my Paypal account but then again I kept changing it!! I use Paypal very frequently and found it extremely suspicious why the payment process did not open a fresh browser window like in every other secure payment process.. but instead displayed paypal inside their application without showing you the page url. This is potentially fraud but not necessarily. It depends how the application is set to transmit your personal info. I can't advise you how secure your paypal account is now but to be on the safe side, if you think that etoro is a good broker (I personally now think that it overall sucks) and if you continue to want to trade with them, then change your Paypal password continually to be better safe than sorry.
Accepting risk of money loss via trading is one thing but having your online payment priviledges hacked is another. Don't risk it! Change broker or if you insist on using etoro use another payment option!
Yes I have experienced the same suspicion. Not sure if the whole company is a scam. They're not a regulated by any authority so I guess customers have to take their chances. I have been using etoro for a few months and am no longer a user for a number of reasons. Mainly their platforms instability which caused me to loose control of open positions several times and loose large amounts of money.
However regarding payment security, you are correct.. this is a very suspicious detail indeed. The important issue initially struck me as "strange" when I made my first deposit was that when the etoro application diverted me to Paypal (this was my chosen form of payment) it did it from within its own application and not in a browser like exlorer or mozilla. Companies that use https encryption always warn you to check the address url that you are on to make sure that your details (eg paypal info and password) are not being diverted and seen by a third party. Etoro is this third party and I was even more convinced as every time I made a deposit, Paypal would ask me to enter the password twice for no reason!! Futhermore my firewall (zone-alarm) and antivirus (avg pro) would throw warnings telling me of suspicious behavior and that a program was trying to access/record key-strokes on my PC!!! But being an etoro newbie in good faith, I continued t see what etoro was really about - taking one precaution - (to keep changing my Paypal password as it was clear that etoro was most likely recording it).
They never tried to make a fraudulent transaction from within my Paypal account but then again I kept changing it!! I use Paypal very frequently and found it extremely suspicious why the payment process did not open a fresh browser window like in every other secure payment process.. but instead displayed paypal inside their application without showing you the page url. This is potentially fraud but not necessarily. It depends how the application is set to transmit your personal info. I can't advise you how secure your paypal account is now but to be on the safe side, if you think that etoro is a good broker (I personally now think that it overall sucks) and if you continue to want to trade with them, then change your Paypal password continually to be better safe than sorry.
Accepting risk of money loss via trading is one thing but having your online payment priviledges hacked is another. Don't risk it! Change broker or if you insist on using etoro use another payment option!
Powered by Yahoo! Answers
Currently have 0 comments: