Worldwide online criminals crackdown - nani amewahiwa kutoka hapa kijijini?

Tom Bayeye

Village Chief
#4
Debit card yangu ilinyoroshwa on the fifth nikaiblock. Mjamaa aliingia ebay na kununua vitu mzito. Uzuri zilikua haziko processed on the other end. They bypassed the two step pin verification ya simu.Nakuaga nimeweka cap on cash limit, phone app ndio ilinisave after niende ATM then card got declined,i knew straight up nimehackiwa.
 

Soprano

Village Elder
#5
Debit card yangu ilinyoroshwa on the fifth nikaiblock. Mjamaa aliingia ebay na kununua vitu mzito. Uzuri zilikua haziko processed on the other end. They bypassed the two step pin verification ya simu.Nakuaga nimeweka cap on cash limit, phone app ndio ilinisave after niende ATM then card got declined,i knew straight up nimehackiwa.
Oh, well! Kwa hivyo wewe unajua firsthand what it means kuwa mindful of one's online privacy!
 

JM. Pombe

Village Elder
#7
Debit card yangu ilinyoroshwa on the fifth nikaiblock. Mjamaa aliingia ebay na kununua vitu mzito. Uzuri zilikua haziko processed on the other end. They bypassed the two step pin verification ya simu.Nakuaga nimeweka cap on cash limit, phone app ndio ilinisave after niende ATM then card got declined,i knew straight up nimehackiwa.
Hebu nieleze, purchasing online inatumia PIN kweli? Si I think only card number, expiry date and CVV are needed?
 

Tom Bayeye

Village Chief
#8
Hebu nieleze, purchasing online inatumia PIN kweli? Si I think only card number, expiry date and CVV are needed?
Yep,you're right. Like i said,mine is a two step.
Nikibuy kitu,i get a text message with a pin number on my phone,which i have to paste/type it on a pop up sent by the bank on the payment page regardless of the shop,but someone bypassed all that. I have the option of setting it up even for ATM,Card swipe.......not a local bank incase you're confused
 

JM. Pombe

Village Elder
#9
Yep,you're right. Like i said,mine is a two step.
Nikibuy kitu,i get a text message with a pin number on my phone,which i have to paste/type it on a pop up sent by the bank on the payment page regardless of the shop,but someone bypassed all that. I have the option of setting it up even for ATM,Card swipe.......not a local bank incase you're confused
Hao ni professionals. I see there are methods to bypass 2FA; https://www.hoxhunt.com/blog/5-ways-to-bypass-two-factor-authentication/
 
Last edited:
#10
Hao ni professionals.
Even worse,my bank offers Fast ID Online, a security specification for strong authentication password databases like personal identifying information that incorporates finger print unlock system,that comes with most phones, locally on the user's device to protect it and the info there in. Problem ni,mine uses a USB,
Hnet.com-image-1.jpg
that was set up by the bank and registered on my phone. So nikiingia tuseme amazon on subsequent logins, the site will prompt me to connect my device and tap it to allow the login and purchace AND get a PIN (for card authorization). Hapo ndio kimeumania bank,mine's the seventh to be hacked
 

JM. Pombe

Village Elder
#11
Even worse,my bank offers Fast ID Online, a security specification for strong authentication password databases like personal identifying information that incorporates finger print unlock system,that comes with most phones, locally on the user's device to protect it and the info there in. Problem ni,mine uses a USB,
View attachment 368960
that was set up by the bank and registered on my phone. So nikiingia tuseme amazon on subsequent logins, the site will prompt me to connect my device and tap it to allow the login and purchace AND get a PIN (for card authorization). Hapo ndio kimeumania bank,mine's the seventh to be hacked
Looks like a YubiKey there. Your card details might have have come from a comprised merchant's database/systems. You should consider the online payment solutions that are preloaded with a specific amount and are delinked from your card.
 

Who will win the 2022 elections? Ruto vs Raila.Cast your vote!

#12
Looks like a YubiKey there. Your card details might have have come from a comprised merchant's database/systems. You should consider the online payment solutions that are preloaded with a specific amount and are delinked from your card.
It doesnt make any sense at all,time nikiget hio USB,the OTP was a 44-character, one use, secure, 128-bit encrypted Public ID and Password, near impossible to spoof. The OTP comprised of two major parts; the first 12 characters remained constant and represented the Public ID of the USB itself ,the remaining 32 characters make up a unique Passcode for each OTP generated .The idea to use a physical key was to make it harder for a hacker to log into my online accounts,unless its an inside job pale kwa bank coz they will need to decrypt my USB's internal key to validate OTP session using previous values submitted and that was august 2020
 
#15
Even worse,my bank offers Fast ID Online, a security specification for strong authentication password databases like personal identifying information that incorporates finger print unlock system,that comes with most phones, locally on the user's device to protect it and the info there in. Problem ni,mine uses a USB,
View attachment 368960
that was set up by the bank and registered on my phone. So nikiingia tuseme amazon on subsequent logins, the site will prompt me to connect my device and tap it to allow the login and purchace AND get a PIN (for card authorization). Hapo ndio kimeumania bank,mine's the seventh to be hacked
This is quite scary, having all these very strong layers of protection bypassed. People forget that the best hackers are never even detected because of their clean attacks. And the level of sophistication is exponential. Cyber security is going to be a very interesting field.
 

Who will win the 2022 elections? Ruto vs Raila. Cast your vote!

Top