MY I.D was HIJACKED

[Rusty]

Recently i had Geek squad work on another P.C. Well i pay the bills on line for my MOM. it appears as though somone got all our bank info through the computer.

i cleared ALl the passwords and cache in f.f and i.E the ONLy pass i left were through the fingerprint logon manager. is there a file somewhere that stores this info for the finger print manager. This is the only way i can think of thati may have slipped up. now there has been a 25,000$ cash advance on my card and several electronic transfers to banks bounced around the city. This bieng Vista i do not knwo if there is a file somewhere for the fingerprint manager. I even used a military deletion style deleter to erase the passwoed file i had. I CANNOt think of how i was PHISHED.
i have k.i.S. and as secure an internet connection as i can get as far as i know. i HATE to blame anyone at Best Buy but they had the P.C

perhaps these thieves will be kind enough to pay my left over DR. Bills lol ANY IDEAS GUY where i slipped up?!>!>!

[Odie]

Rusty you must have been a Pirate or Slave Trader in your previous life to deserve all this bad luck. All I can think off is maybe a keylogger.

[ding-dong]

did you check all your port is its secured? sorry to hear that man

[Kees]

Yes, too bad. The only advice I can give is to have a seperate PC just for banking and nothing else online, but that of little comfort now.

[Solaris]

Poor unlucky guy.

As you mentioned that you had KIS installed, then i do not think that it will be a problem of keyloger. Make sure your house is protected from thieves.

[brayden]

it could be the site you where paying with. i was on this vulnerable site and it had paypal accounts and all! well it used to be vulnerable. they've since patched the error up. in any case it could the the best buy site itself, if the table that had the information for the money transfers was vulnerable then well you know the rest.

[Rush]

First I would most definitely check for a keylogger. Easiest and fastest way if they are physically in front of the machine. If you have another system that you could run a packet capture software like Wireshark, I'd start tracking that machine and see where it is sending information.
Fingerprint logon databases are usually 256 bit AES encrypted, depending on which one you are using. The database would have to have been exported and broken. Tough, but not impossible, yet very time consuming.
Your best bet is to begin to try to narrow it down through timing. When did GS service the machine compared to the first bogus transaction? How many total transactions, and how far apart were they? Were all the bank reflections from within the same city?
If it was the Geek Squad dude, he's an idiot. Both in a practical and in a technical sense. Unless he's smart enough to have never done this before and never do it again. If that is the case, he choose you for a reason. He's in front of peoples computers all day long. If you are the only one he's done it to, he's been turning down candidates for a while. The choosing process leaves footprints. Account inquiries, transaction reports and things that the FBI is really good at finding.
Check the bank reflections. Chances are that if they are all local banks, then the % chance of it being the Geek Squad dude goes through the roof, and it is very likely that he'll get caught and the money recovered.
If you got hit by a pro, and I suspect you were, they will attempt to reflect the money off shore as fast as possible. Usually within the first minute.
If they got you for 25k in cash, they are either very good, or very stupid. Either way, they are able to be caught. The cash was a mistake. In that world, one mistake is equal to 15 years.

[Silk40dd]

Besides checking for a keylogger or a trojan that steals passwords, I would contact the manager of Best Buy and inform them of what has happened. If they can determine that this was done by their employee then it would be up to them to disclose this, give you the option or your credit card to charge the person and just think about it, he or she may be doing this to many people.
One thing I do know is that they do NOT appreciate dishonest technical help stealing.
I would also take a look at where you visited that day online or just prior when the transactions took place to determine if it was a site you went to and forgot about.

Also, your bank should also be checking into where the transactions took place as if the person tried to do it with online banking then you just might catch them.

Its scary that today we have to worry about this, and that is why its important to deal with a credit card company that protects you of misuse by others.
I do know that MasterCard informs you if they notice any transactions that are not in your character of normal use and they will not penalize you if they find out someone else went out and used your card without your knowledge or if it was phished online. Perhaps get a AV with antiphishing built into the browser and also do a total scan but my bet is that the person working on your computer may have did this, and if the manager has heard of similar complaints by others that person has worked for then chances are he will be prosecuted.

Finally if you have to have someone work on your computer, its important to change the passwords to anything online, and then they can't really log in if they did steal it somehow. Hugs Silk40dd

[Rusty]

well they could have easily disabled KIS. I ran Malwarebytes and found many "adaware" but no key loggers. Is there another way to scan for key logggers. I thought KIs would be sufficient to delete spy ware but Malawarebytes found 55 infections and right after Superantispyware found 3 more. So its bieng looked into. Whatss the best way to scan for a keyloggers i thought Malawarebytes and KIS would have done it

[hellnoire]

Try doing an online scan from Trend Micro, it's called HOUSECALL, it seems to work well for my parents and on my Windows computers.