My SBI net banking hacked?

[Krushna]

Hi,
I have a savings account with SBI. The problem started from the day i took a gold loan of 1 Lakh rupees.The day that money came into my account, I recieved an SMS saying "Your transaction XXXX INR 407.85 failed. You may try again. Inconvenience is regretted." The very next day I withdrew the mony from that account and deposited in another account. I logged in to my netbanking and to my surprise, my last login time listed on the site was exactly one minute prior of the SMS time, and I hadnt logged in to net banking for at least a month! I ignored as I didnt have any money in that account now and had decided not to use that account for big amounts. Now i dont keep more than 10K in that account. But the SMSes didnt stop. And the strange thing is the amounts are always like 405.54 etc, and always in inreasing order. I will list the amounts in last few SMSes:
403.07
403.26
403.45
404.21
404.40
404.59
404.78
405.35
and so on.

fed up with this, I called their call centre, which was just a waste of time and they asked me to contact the branch. Contacting the branch was another waste of time and they asked me to file a police complaint, which i didnt do.
The strange thing is this didnt stop even after changing my password and I also dont get any OTP on my cell for these transactions.
Now I have decided to format my laptop, which would be a real pain as I have all the softwares I need installed which I will need to do again.
I want to know if anybody else has faced such an issue?

Regards
Krushna

 

[timepass]

Maybe it is some charges related to your gold loan. Maybe the charges are increasing with passing time.

From where did you take the gold loan ? Ask them about it. Check the loan statement.

 

[Rish]

Maybe it is some charges related to your gold loan. Maybe the charges are increasing with passing time.

From where did you take the gold loan ? Ask them about it. Check the loan statement.

Since...he told "transaction failed".......may not be other charges....

It happened once (4 yrs back)....with my wife a/c......she got a link...very similar to Axis Bank and asking to change the password.....immediately I went to Axis...they told me...the link is not from Axis......

Always....I use to keep Main A/c with one bank (without net banking)....and transfer amount from that a/c to other a/c...keeping debit card for using regular activities...to protect myself (samething has told by ST..in someother thread)...

 

[Krushna]

Maybe it is some charges related to your gold loan. Maybe the charges are increasing with passing time.

From where did you take the gold loan ? Ask them about it. Check the loan statement.

I took the gold loan from SBi itself. I checked about the charges but they told me that charges were applied to my account. And all these transactions are being denied.
And as for increasing charges, they had reached 408+ and again started from 403+. And how come I see last login time as the time of SMS when I havent logged in at that time?

 

[travi]

Currently SBI has an Android OTP online/offline code generator.

That can only be installed on one mobile, and you don't need the SMS OTP.
Try this and check if you still see those "unauthorized logins".

It is supposed to guarantee single login, unless, someone else has physical access to ur mob.
It is possible, that it is shown on hack fests, that your android phone if compromised, can give away access. Don't just suspect your PC,
if your phone is leaking those OTP SMS's, then you're in more trouble.

 

[travi]

Can you post the exact narration of the debit
eg: date... DEBIT CHARGES FOR SMS - QUARTERLY Ref. no. Debit amount

Mostly there is no confidential info, but if you feel so, you can omit that with XXXX

 

[mastermind007]

Hi,
I have a savings account with SBI. The problem started from the day i took a gold loan of 1 Lakh rupees.The day that money came into my account, I recieved an SMS saying "Your transaction XXXX INR 407.85 failed. You may try again. Inconvenience is regretted." The very next day I withdrew the mony from that account and deposited in another account. I logged in to my netbanking and to my surprise, my last login time listed on the site was exactly one minute prior of the SMS time, and I hadnt logged in to net banking for at least a month! I ignored as I didnt have any money in that account now and had decided not to use that account for big amounts. Now i dont keep more than 10K in that account. But the SMSes didnt stop. And the strange thing is the amounts are always like 405.54 etc, and always in inreasing order. I will list the amounts in last few SMSes:
403.07
403.26
403.45
404.21
404.40
404.59
404.78
405.35
and so on.

fed up with this, I called their call centre, which was just a waste of time and they asked me to contact the branch. Contacting the branch was another waste of time and they asked me to file a police complaint, which i didnt do.
The strange thing is this didnt stop even after changing my password and I also dont get any OTP on my cell for these transactions.
Now I have decided to format my laptop, which would be a real pain as I have all the softwares I need installed which I will need to do again.
I want to know if anybody else has faced such an issue?

Regards
Krushna

I think you should go ahead and file a police complaint just to be safe.

If SBI wanted to withdraw 400 rs from your account against your GOLD loan, they would not have had any problems and their transactions would certainly not be declined. Since transactions are happening even without your PC being connected, it is some other device (or service). Just to be sure, make sure that you have not set any recurring payment to anyone .....?

 

[Krushna]

Can you post the exact narration of the debit
eg: date... DEBIT CHARGES FOR SMS - QUARTERLY Ref. no. Debit amount

Mostly there is no confidential info, but if you feel so, you can omit that with XXXX

Yes nothing confidential in that.
Here it is, the latest one:

"Your transaction IG0CUVLCA6 INR 410.67 failed. You may try again. Inconvenience is regretted." 19.44, 19 Dec

 

[Krushna]

Currently SBI has an Android OTP online/offline code generator.

That can only be installed on one mobile, and you don't need the SMS OTP.
Try this and check if you still see those "unauthorized logins".

It is supposed to guarantee single login, unless, someone else has physical access to ur mob.
It is possible, that it is shown on hack fests, that your android phone if compromised, can give away access. Don't just suspect your PC,
if your phone is leaking those OTP SMS's, then you're in more trouble.

The point is, when I Log in for some transactions, I get the OTP on my cell. But I dont recieve any OTP for these transactions. Does this mean that the banks system that sends OTP is compromised?

And I can think of only one reason why the transaction doesnt goes through and that is No OTP.
Is this some automated programme or something?
Almost 90% of the attempts have been around 19.30

 

[Krushna]

I think you should go ahead and file a police complaint just to be safe.

If SBI wanted to withdraw 400 rs from your account against your GOLD loan, they would not have had any problems and their transactions would certainly not be declined. Since transactions are happening even without your PC being connected, it is some other device (or service). Just to be sure, make sure that you have not set any recurring payment to anyone .....?

Instead of filing a police complaint, what I have planned to do is first of all format my laptop and then open another bank account with ICICI which I will use for net banking. And my be I will close the existing bank account with SBI and open another account.
And No, I havent set any recurring payments to anyone.