rootkit, keylogger or what?

[lovehungryman]

Hello guys!

How do I explain this, well it happened over a month ago when we (wife and I) booked a trip to Sweden through a travel agency, then we found out a few days later after the payment was made that more money was withdrawn than original price and talking to our bank we found out that certain sum was gone (to a probably fake travel agency), thankfully the bank paid back whole...

My concern now is:
How it all happened since this is a couple months old pc that I had scanned and made sure it had all security software, updates, add-ons and the like.
I had windows 8.1 back then and when windows 10 upgrade came I made a clean install so I am confident if it was malware then it's most likely gone, but how I can make sure or how could prevent this for happening again? Any suggestions?
Thanks!

 

[LabZero]

Well, I think the problem probably is not related to the presence of malware.
It is likely that you have made the payment on a phishing site: identical to the original but obviously fake and operated by cyber criminals.
It is a widespread problem.
Many antivirus recognize the phishing pages but not all.
Firefox and Chrome have a good anti-phishing protection, but some attention is very important.
Anyway another problem are the keyloggers.They are difficult sometimes to detect by common antivirus.
Some solutions can be Zemana Antilogger and SpyShelter (FREE and PRO).

If you have any doubts about a possible malware infection you can create a thread here: http://malwaretips.com/forums/malware-removal-assistance.10/

 

[Atlas147]

Your post is a little confusing but let me try to get the facts right, you paid for your trip and after your payment another sum of money was taken out of your bank account, you later find out that your booking to sweden was through a fake travel agency?

 

[lovehungryman]

Flights and hotel were paid and not problem with that but about 300 euros more were taken out so I guess someone in between wanted to made some bucks as well...It was weird since I did not know where it came from for I thought I was kinda safe and well protected... Yes, as you say Klipsh it may have been a phishing site... first time it happened to us and hopefully last.
I don't remember which browser was used but Opera most likely.
Is there a post somewhere in Forum where I could find about how to prevent this for happening again or some advice?

Thanks again Hanmin147 and Klipsh!

 

[Exterminator]

I would take this up with the travel agency as it seems to me that would be the first place to look.Was the payment made in person? On a debit card? Credit Card? Maybe a travel agency employee taking a little cash for themselves or maybe even an honest mistake.

 

[lovehungryman]

It was paid by my wife using her bank account online, I was not around when it happened but she remembered when submitting payment she was asked to confirm her payment again which it is not usual since we had done it before... Thankfully the bank took responsibility and we were reimburse the 300 euros... Next time we need to be aware and suspicious of such threats, don't know if maybe browsing in incognito mode or using the old Linux laptop can help while banking online.

 

[Exterminator]

Using a Virtual keyboard or a secure keyboard will help keep you safe
There are also a few security suites that offer safe pay for online banking Kaspersky & Bitdefender off the top of my head