My wife and I keep getting our debit cards stolen online. We notice the charges and are able to dispute them and cancel our cards, but it sure is annoying.

We don’t put our card information on suspicious websites. They’re on well known websites like amazon and Facebook.

We ran out emails through a data breach checker and it found nothing.

I don’t think there’s any malware on our devices.

Any idea what could be happening and how to prevent it?

    • Snowman44@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      9
      arrow-down
      21
      ·
      1 year ago

      Running a virus scan wouldn’t be enough? I’d rather not factory reset everything.

        • RagingNerdoholic
          link
          fedilink
          English
          arrow-up
          25
          arrow-down
          2
          ·
          1 year ago

          To be fair, factory resets are a huge pain in the ass. Might as well try other things before busting out the nuclear option.

          • nous@programming.dev
            link
            fedilink
            English
            arrow-up
            9
            ·
            1 year ago

            Once you suspect a device is infected the only good option is the nuclear option. Anything else will not be guaranteed to 100% remove it, or really, anywhere near close to that, or even detect everything wrong in the first place or after attempted removal. And with a month long period between attacks that is a long time to wait and see to see if any other option might work.

              • RagingNerdoholic
                link
                fedilink
                English
                arrow-up
                1
                ·
                1 year ago

                Absolutely. Use an efficient disk imager that can take incremental snapshots and you can keep backups for months or years without needing a ton of storage.

            • RagingNerdoholic
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              1
              ·
              edit-2
              1 year ago

              True, but I would confirm a device is compromised before nuking the OS, not just do it willy-nilly because maybe it could be. A better way to phrase what OP is asking is: what are some ways to troubleshoot this without making a ton of potentially unnecessary work for myself?

              …to which I would say, run a netstat on any systems that you can, check those IP’s against WHOIS and/or traceroute. Anything that traces to Eastern Europe, Russia, China, most of SEA is a red flag. Dig a little deeper with Wireshark or Glasswire to inspect some actual packets for suspicious content. I think there’s a network logger that can trace the process using a given connection, but the name eludes me).

              Find your smoking gun, then torch the OS.

          • phx
            link
            fedilink
            English
            arrow-up
            5
            ·
            1 year ago

            Less of a pain in the ass than using a compromised device and having your payment card info stolen repeatedly?

            • RagingNerdoholic
              link
              fedilink
              English
              arrow-up
              3
              ·
              1 year ago

              If it ends up not being the culprit, kinda yeah. I’m just saying, try some less disruptive troubleshooting first.

      • Zron@lemmy.world
        link
        fedilink
        English
        arrow-up
        28
        ·
        1 year ago

        A virus scan can only scan for something it knows. If you have something new or esoteric on your device, the scanner may not pick it up.

        If you’re not using a reputable antivirus, also consider that the database is wildly out of date at best, or the “antivirus” is malicious on its own.

      • Runel0rd@kbin.social
        link
        fedilink
        arrow-up
        12
        arrow-down
        1
        ·
        1 year ago

        Are you trying to fix the issue or have this repeat? Start listening to the genuine advice being offered

      • NooNz@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        7
        ·
        edit-2
        1 year ago

        No, it won’t. If you value that situation enough to post here, you should also listen to the advices you’re given.

        If you have an antivirus running and you’re still being pwnd, a scan won’t change anything.

        Format everything, computers, phones, everything with an Internet connection really. Yes, it’s a pain, but also yes, it’s necessary.

        Do it

      • graphite@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        arrow-down
        5
        ·
        edit-2
        1 year ago

        Running a virus scan wouldn’t be enough

        No, those can be bypassed. If your kernel is what’s infected, then it’s probably not going to find anything either.

        Scanners are useful, but what they can look for is limited.

      • JakenVeina@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        It’s not like virus scanning is useless, but it varies depending on which scanning seevice you’re using, and none of them are foolproof. The fact that you’re still getting compromised suggests that your scanner(s) might be missing something.