Watch out for VPN
I had a very disturbing meeting last week that I was asked to attend by the local Marie, another British lady living close to our village had become a victim of cybercrime and has lost a great deal of money.
The meeting was between the bank, the Gendarmerie and lady in question and the village secretary, the poor lady in question has lost over 35,000 (thirty five thousand) euros, some from her French current account and the rest from her French savings account.
The bank will not cover the loss as they say her internet banking password was used to make the transfers out of her account. What the Gendarmerie and the village secretary wanted to know was how this could have happened as the lady had a good password and had never told it to anyone.
The Gendarmerie suspected there was a computer virus involved, I was asked to check the computer and list all the problems I could find.
- Windows was up to date – no fault there.
- All software was up to date – no fault there.
- A good Virus scanner was installed – no fault there.
- A malware scanner was installed – no fault there.
- No viruses, malware or any other kind of infection could be detected – no fault there..
- There were no remote connections or spying apps/programs installed – no fault there..
So how could the data have possibly gotten off the computer and into the hands of the criminal?
The answer was VPN. – Virtual Private Network in this case it was Tunnel Bear free VPN.
The hacker had used a VPN system to monitor all internet traffic from the computer, they had managed to intercepted the logons to the bank and somehow gotten the password.
Why was a VPN being used – because the satellite is not working very well and it was being used to watch UK TV.
Not all password are sent securely many are pain text when logging into a web site, the bank has a different method of password security but even this is not secure if a hacker watches the internet activity for long enough.
Normal Internet activity is very difficult or impossible to monitor or track, but connecting to a completely unknown location/person with a VPN directs everything you do through that point and makes it very easy for someone else to see what you are doing.
To stay safe either DO NOT use a VPN, or only connect it when you want to watch TV and make absolutely sure you disconnect it before doing anything else – especially online banking. Alternatively use Filmon.com or a DNS redirecting service like Unotelly.com much safe and also much faster than VPN.