Page 2 of 3 FirstFirst 123 LastLast
Results 21 to 40 of 57

Thread: DBS/POSB Security Compromised

  1. #21
    Deregistered allenleonhart's Avatar
    Join Date
    Sep 2008
    Posts
    3,656
    Blog Entries
    1

    Default Re: DBS/POSB Security Compromised

    Quote Originally Posted by Redsun View Post
    my fren just checked hers and she lost $120
    please go check your accounts now
    mine kosong money so i got no fear.

  2. #22
    Deregistered allenleonhart's Avatar
    Join Date
    Sep 2008
    Posts
    3,656
    Blog Entries
    1

    Default Re: DBS/POSB Security Compromised

    Quote Originally Posted by GRbenji View Post
    I got the feeling that breach is at DBS since only DBS/POSB cards affected and around 200 accounts.
    hmm posb is under dbs, or dbs is under posb? i know they now same company liao hmm.

  3. #23
    Moderator Octarine's Avatar
    Join Date
    Jan 2008
    Location
    Pasir Ris
    Posts
    12,394

    Default Re: DBS/POSB Security Compromised

    It's simple ATM card fraud, nothing to do with Internet banking. (Or is anybody using ATM cards for Internet banking?)
    As long as local banks are too lazy, complacent, stingy (call it whatever you want) to issue ATM cards and ATM systems using security chip there is a possibility for ATM card frauds. Has happened in European countries on a large scale: ATM were compromised by installing additional readers around the slot, the content of magnetic stripe was read and stored. In addition, a small camera was placed above the keyboard. This way the gangsters got the card and the PIN. Some of these ATM installations had even WLAN links so that the data were transferred immediately. Creating a new card is a matter of seconds. The idea is just that small amounts being withdrawn might go unnoticed.
    EOS

  4. #24
    Deregistered allenleonhart's Avatar
    Join Date
    Sep 2008
    Posts
    3,656
    Blog Entries
    1

    Default Re: DBS/POSB Security Compromised

    Quote Originally Posted by Octarine View Post
    It's simple ATM card fraud, nothing to do with Internet banking. (Or is anybody using ATM cards for Internet banking?)
    As long as local banks are too lazy, complacent, stingy (call it whatever you want) to issue ATM cards and ATM systems using security chip there is a possibility for ATM card frauds. Has happened in European countries on a large scale: ATM were compromised by installing additional readers around the slot, the content of magnetic stripe was read and stored. In addition, a small camera was placed above the keyboard. This way the gangsters got the card and the PIN. Some of these ATM installations had even WLAN links so that the data were transferred immediately. Creating a new card is a matter of seconds. The idea is just that small amounts being withdrawn might go unnoticed.
    singapore had its share last time already, pretty large scale too. thats why most ATMs now have a green color attachment, which is to prevent any other attachments to be attached.

    anyways for those who wanna learn more about it.


  5. #25

    Default Re: DBS/POSB Security Compromised

    thank for the info, I just checked my account. nothing happen to me

    cheers

  6. #26
    Senior Member Big Kahuna's Avatar
    Join Date
    Dec 2004
    Location
    Singapore, Singapore, Singapor
    Posts
    2,127

    Default

    Additional measures are in place in atm to prevent id theft, but what about those nets payment kios from retail shop and carpark? Maybe they should also implement 2FA for atm withdrawal to reduce such threat .

  7. #27

    Default Re: DBS/POSB Security Compromised

    Quote Originally Posted by allenleonhart View Post
    singapore had its share last time already, pretty large scale too. thats why most ATMs now have a green color attachment, which is to prevent any other attachments to be attached.

    anyways for those who wanna learn more about it.

    i saw a link that showed that the skimmers have already come up with something to cover that green-colored round thing.

  8. #28
    Deregistered allenleonhart's Avatar
    Join Date
    Sep 2008
    Posts
    3,656
    Blog Entries
    1

    Default Re: DBS/POSB Security Compromised

    Quote Originally Posted by kei1309 View Post
    i saw a link that showed that the skimmers have already come up with something to cover that green-colored round thing.
    then the geniuses will invent another thing to cover the green coloured thing to prevent skimmers from attaching more things!

    maybe red color?

  9. #29
    Moderator Octarine's Avatar
    Join Date
    Jan 2008
    Location
    Pasir Ris
    Posts
    12,394

    Default Re: DBS/POSB Security Compromised

    Quote Originally Posted by allenleonhart View Post
    singapore had its share last time already, pretty large scale too. thats why most ATMs now have a green color attachment, which is to prevent any other attachments to be attached.
    Just the usual quick fix, not a solution. The green attachment is not transparent, so tiny electronics can be hidden inside as well.
    EOS

  10. #30
    Member 9V-Orion Images's Avatar
    Join Date
    Apr 2009
    Location
    Autenticate ALGRN @ 7987.8270
    Posts
    1,760
    Last edited by 9V-Orion Images; 6th January 2012 at 08:05 PM.
    CS Aviation / Flickr
    Per aspera ad astra

  11. #31
    Member 9V-Orion Images's Avatar
    Join Date
    Apr 2009
    Location
    Autenticate ALGRN @ 7987.8270
    Posts
    1,760

    Default Re: DBS/POSB Security Compromised

    Quote Originally Posted by ninelives View Post
    edmw always got the fastest/latest news, that's why sph bought over hardwarezone. lot of times already, stuff u read on papers actually came from edmw.
    Arh..., no doubt. Sieve through the virtual cesspool of raw sewerage and from time to time you may just yield yourself a valuable gem stone or precious metal.

    CS Aviation / Flickr
    Per aspera ad astra

  12. #32
    Senior Member
    Join Date
    Feb 2005
    Location
    sing
    Posts
    3,353

    Default Re: DBS/POSB Security Compromised

    TV News say 2 ATMs at Bugis have been compromised.
    If you have been there and withdrawn money recently, watch your bank account.

    This fraud requires at least two elements.

    1. The ability to reproduce your card. i.e. somehow in your routine Nets purchase you may have handed the card to some cashier who got a machine to secretly phish your ATM card. Or they have a device at the ATM itself.

    2. The ability to capture your PIN. This can be done by computer data capture or by a secret camera filming your PIN entry.

    If you checked your account and you feel safe, don't relax. Keep checking the next few weeks.
    The fraudsters may have your (recreated) ATM card + PIN but have not yet withdrawn money from your account.

    One last thing.
    400 accounts were affected. In view of the large number of accounts compromised, I am not discounting the possibility of an inside job.
    Last edited by ricohflex; 7th January 2012 at 10:22 AM.

  13. #33
    Member 9V-Orion Images's Avatar
    Join Date
    Apr 2009
    Location
    Autenticate ALGRN @ 7987.8270
    Posts
    1,760

    Default Re: DBS/POSB Security Compromised

    Quote Originally Posted by ricohflex View Post
    This fraud requires at least two elements.

    1. The ability to reproduce your card. i.e. somehow in your routine Nets purchase you may have handed the card to some cashier who got a machine to secretly phish your ATM card. Or they have a device at the ATM itself.

    2. The ability to capture your PIN. This can be done by computer data capture or by a secret camera filming your PIN entry.

    If you checked your account and you feel safe, don't relax. Keep checking the next few weeks.
    The fraudsters may have your (recreated) ATM card + PIN but have not yet withdrawn money from your account.

    One last thing.
    400 accounts were affected. In view of the large number of accounts compromised, I am not discounting the possibility of AN INSIDE JOB.
    Have you ever read what the other posters had mentioned previously? This is nothing new. There are even unauthorised magnetic card readers disguised as supposedly tamper proof anti-skimming devices.

    Also in November 2008, $9,000,000 was stolen worldwide from 130 ATMs with duplicated magnetic debit cards within a span of just 30 minutes.



    Last edited by 9V-Orion Images; 6th January 2012 at 10:04 PM.
    CS Aviation / Flickr
    Per aspera ad astra

  14. #34
    Member voxies09's Avatar
    Join Date
    Apr 2010
    Location
    Singapore
    Posts
    651

    Default Re: DBS/POSB Security Compromised

    this clone atm card is not a new technology, it has been reported in several other country; but i guess in Singapore is not this case but rather then the NETS payment from rogue shop. The rogue shop can modified the NETS machine + camera to capture the PIN, some people tot that SG so safe and no need to hide their pin.. i also do that sometime
    Last edited by voxies09; 7th January 2012 at 10:05 AM.
    Canon Kiss X4 | 18-55mm f3.5-5.6 IS II Kit lens | 50mm f1.8

  15. #35
    Senior Member Sion's Avatar
    Join Date
    Jan 2004
    Location
    新天地
    Posts
    4,768

    Default Re: DBS/POSB Security Compromised

    Quote Originally Posted by allenleonhart View Post
    mine kosong money so i got no fear.
    Please check and see whether $1,000,000 has been wrongly put into your account.

  16. #36

    Default Re: DBS/POSB Security Compromised

    to those who use DBS / POSB ATM last year or specifically at Bugis to change PIN asap or close their account n re-open a new one if you are a die-hard fan of DBS/POSB

  17. #37
    Moderator Octarine's Avatar
    Join Date
    Jan 2008
    Location
    Pasir Ris
    Posts
    12,394

    Default Re: DBS/POSB Security Compromised

    Quote Originally Posted by dreaming View Post
    to those who use DBS / POSB ATM last year or specifically at Bugis to change PIN asap or close their account n re-open a new one if you are a die-hard fan of DBS/POSB
    Why? Get new ATM cards, define the PIN at the counter, done. Whatever those people now still have on their copied ATM cards is worth nothing.
    EOS

  18. #38
    Senior Member
    Join Date
    Feb 2005
    Location
    sing
    Posts
    3,353

    Default Re: DBS/POSB Security Compromised

    1) If a fraudster stole the ATM card details and also the PINs (supposedly at the alleged 2 Bugis ATMs). That was in November 2011 according to the news. You mean that he waited until early Jan 2012 to start stealing money? Does it make sense?

    2) Normally in any banking fraud case e.g. internet banking fraud or ATM card skimming; a bank is strongly defensive and upfront will contend that it may have been the account holders' fault in not keeping their PIN private and secure possession of their ATM cards. But now the bank is so generous in replacing the money stole within 24 hours. It is good of them though, not complaining here. Not the normal way they handle such issues and out of character.

    3) If a fraudster was so skilled at ATM skimming that he can steal from ANY bank, then money is still money no matter which bank he steals from. So why would he concentrate on stealing ONLY from DBS/POSB bank when there are so many other banks such as OCBC, Standard Chartered, UOB, Citibank, etc to also steal from at the same time? Why is the theft/fraud confined only to 1 bank?

    4) Why the fraudster withdrew from ATMs ONLY in Malaysia and not in Singapore or other nearby countries? Are the ATMs in Malaysia less secure with no CCTV to record the person doing the withdrawal? Any other reasons that we did not think of?

    5) Before a debit card / ATM card is issued by any bank, some one has to make the card. What are the internal and external controls to ensure security of the computer data in the magnetic stripes and the original PIN issued to card holders. Card holders may or may not change the original PIN to their own. Hypothetically, if there is a leak, and card holders do not change PIN, then no need to skim.

    6) Did all the account holders of the 400 compromised accounts use the alleged 2 Bugis ATMs during November 2011? This part not clear. Maybe need to read the news again.
    Last edited by ricohflex; 7th January 2012 at 03:13 PM.

  19. #39

    Default Re: DBS/POSB Security Compromised

    Quote Originally Posted by ricohflex View Post
    1) If a fraudster stole the ATM card details and also the PINs (supposedly at the alleged 2 Bugis ATMs). That was in November 2011 according to the news. You mean that he waited until early Jan 2012 to start stealing money? Does it make sense?

    2) Normally in any banking fraud case e.g. internet banking fraud or ATM card skimming; a bank is strongly defensive and upfront will contend that it may have been the account holders' fault in not keeping their PIN private and secure possession of their ATM cards. But now the bank is so generous in replacing the money stole within 24 hours. It is good of them though, not complaining here. Not the normal way they handle such issues and out of character.

    3) If a fraudster was so skilled at ATM skimming that he can steal from ANY bank, then money is still money no matter which bank he steals from. So why would he concentrate on stealing ONLY from DBS/POSB bank when there are so many other banks such as OCBC, Standard Chartered, UOB, Citibank, etc to also steal from at the same time? Why is the theft/fraud confined only to 1 bank?

    4) Why the fraudster withdrew from ATMs ONLY in Malaysia and not in Singapore or other nearby countries? Are the ATMs in Malaysia less secure with no CCTV to record the person doing the withdrawal? Any other reasons that we did not think of?

    5) Before a debit card / ATM card is issued by any bank, some one has to make the card. What are the internal and external controls to ensure security of the computer data in the magnetic stripes and the original PIN issued to card holders. Card holders may or may not change the original PIN to their own. Hypothetically, if there is a leak, and card holders do not change PIN, then no need to skim.

    6) Did all the account holders of the 400 compromised accounts use the alleged 2 Bugis ATMs during November 2011? This part not clear. Maybe need to read the news again.
    1. Maybe they wait for 2011 year-end bonus to be banked-in before striking?

    2. They act fast you also complain...

    3. Maybe because DBS/POSB has the most ATM?

    4. Maybe their home base is in MY?

    5. This is really the responsibility of the card-holder. But if you are issued the card over-the-counter you have to assign a PIN before it is activated.

  20. #40
    Senior Member
    Join Date
    Feb 2005
    Location
    sing
    Posts
    3,353

    Default Re: DBS/POSB Security Compromised

    From CNA article:
    "Speaking for the first time publicly on the incident, Mr Gupta added that there's no "internal involvement" in the fraud incident."

    Actually he cannot and should not make such a public declaration, when the entire case is still under Police investigation. And no arrests have been made yet.
    He is not God and he is not All-Knowing, omni-present and omni-potent.
    So how can he know for sure, at this early stage?
    The Singapore Police and Malaysian Police will have to make the arrests, interrogate the fraudsters and charge the fraudsters in court.
    Only then will anyone know whether the fraudsters have any insider collusion or whether the fraudsters were the staff or whether the fraudsters were working alone without any internal involvement.

Page 2 of 3 FirstFirst 123 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •