Need help understanding how my bank account was hacked

Options
shelleyfl57
shelleyfl57
Community Member
edited November 2021 in 1Password in the Browser

I have been using 1Password for a year and love it. Today, I logged into my bank account and $9,000 was missing. Someone had managed to link my account to the Voyager Bitcoin app. They had done two test deposits the day before which I had not noticed. The bank is recognizing this as fraud and will refund my money, but it is disturbing to think that someone was able to get into my bank account. From what I understand the bank verification process on the Voyager app uses the Plaid interface to verify banks. This requires someone to login to the bank and then verify two micro deposits. Can anyone think of any other way someone could have achieved this without having my login credentials? I just can't figure out where my credentials could have been compromised. I am so careful about Phishing schemes and not using public WiFI. I still love 1Password, I just want to prevent this from ever happening again. Thanks so much!

1Password Version: 2.14
Extension Version: Not Provided
OS Version: 12.0.1

Comments

  • ag_yaron
    ag_yaron
    1Password Alumni
    Options

    Hey @shelleyfl57 ,
    I'm truly sorry to hear this has happened to you. I know that horrible feeling of having your account(s) hacked and abused. :angry:

    There are a few important actions we should perform first:

    • Scan your computer and phone/tablet with a good anti-virus/malware software to make sure it is clean and is not compromised.
    • Change your bank account's password to a new strong password that you will generate with 1Password (and do that for any other important/financial website you have an account in as well).
    • If your bank allows it, enable 2FA (Two-factor authentication) on your account for enhanced security which will prevent malicious 3rd parties from being able to access your account even if they have successfully stolen your username and password.

    As for how this might have happened, we can speculate for a while but the most common reasons are:

    • A weak or predictable password (that might have been discovered on another website's breach/attack, alongside your username).
    • Phishing. Some phishing emails and websites look really REALLY convincing these days.
    • A compromised device/computer.

    Some less common (or even rare) reasons are:

    • Identity theft, in which the attacker has all the info they need about you (including IDs) and they were able to contact your bank claiming they were you.
    • Social engineering, where someone extracts information from you and disguising it as a friendly conversation (e.g. "What's your email?" or "Wow your password is also 20 characters long? Mine too!" etc).
    • Direct and physical access to one of your unlocked devices/computers, e.g. if you went to the bathroom for a few minutes and left your computer/phone unlocked on the desk.
    • Inside job of one of the bank's employees, or a breach into their systems.

    The list can go on and on, but these are the ones from the top of my head.
    I hope the process of getting your funds back will be quick and painless :+1:

  • Tertius3
    Tertius3
    Community Member
    Options

    What @ag_yaron didn't explicitly mention, and what is the most often compromise of passwords in general, is that you might have used your bank account credentials for other accounts as well. If a website of one of that other accounts get breached and the user database stolen, the hackers might brute-force your password and tried if that worked for your bank account as well. Make sure you use a different password for every single website and every single service. 1Password is designed to protect against that scenario, because it helps you storing and remembering a different password for every single account you have.

  • Jack.P_1P
    Jack.P_1P
    Options

    Thanks for the additional insight @Tertius3! :smile:

This discussion has been closed.