Comment on How do I prevent hackers from stealing my debit card information?
Snowman44@lemmy.world 11 months agoRunning a virus scan wouldn’t be enough? I’d rather not factory reset everything.
A virus scan can only scan for something it knows. If you have something new or esoteric on your device, the scanner may not pick it up.
If you’re not using a reputable antivirus, also consider that the database is wildly out of date at best, or the “antivirus” is malicious on its own.
Are you trying to fix the issue or have this repeat? Start listening to the genuine advice being offered
No, it won’t. If you value that situation enough to post here, you should also listen to the advices you’re given.
If you have an anti virus running and you’re still being pwnd, a scan won’t change anything. Format everything, computers, phones, everything with an Internet connection really. Yes, it’s a pain, but also yes, it’s necessary.
Do it
Running a virus scan wouldn’t be enough
No, those can be bypassed. If your kernel is what’s infected, then it’s not going to find anything.
Scanners are useful, but what they can look for is limited.
Its not enough , why do you think you card is being used again and again? You don’t have backups of your data? A reset should be done every now and then to keep everything tidy.
EdibleFriend@lemmy.world 11 months ago
RagingNerdoholic@lemmy.ca 11 months ago
To be fair, factory resets are a huge pain in the ass. Might as well try other things before busting out the nuclear option.
nous@programming.dev 11 months ago
Once you suspect a device is infected the only good option is the nuclear option. Anything else will not be guaranteed to 100% remove it, or really, anywhere near close to that, or even detect everything wrong in the first place or after attempted removal. And with a month long period between attacks that is a long time to wait and see to see if any other option might work.
comic_zalgo_sans@lemmy.world 11 months ago
RagingNerdoholic@lemmy.ca 11 months ago
True, but I would confirm a device is compromised before nuking the OS, not just do it willy-nilly because maybe it could be. A better way to phrase what OP is asking is: what are some ways to troubleshoot this without making a ton of potentially unnecessary work for myself?
…to which I would say, run a
netstaton any systems that can, check those IP’s against WHOIS and/or traceroute. Anything that traces to Eastern Europe, Russia, China, most of SEA is a red flag. Dig a little deeper with Wireshark or Glasswire to inspect some actual packets for suspicious content. I think there’s a network logger that can trace the process using a given connection, but the name eludes me).Find your smoking gun, then torch the OS.
EdibleFriend@lemmy.world 11 months ago
Honestly you do have a point.