One reason I don't have any bank details on my smartphone or tablet. I have the free version of Lookout installed on both just in case.
I checked my email this morning and see that Sainsburys had confirmed account detail changes. I picked up my tablet, went into the browser and went to my Sainsbury's account. I was very surprised to see that the auto fill had put in a strange email address! I called Sainsburys and they confirmed that the details had been changed and a £350 order had been placed for an address 300 miles away. That order was cancelled and I cancelled the credit card that is linked with the account. I have spent the rest of this morning changing all of my sensitive passwords.
Am I right in thinking that my tablet has been compromised? I feel the obvious answer is yes but I have not heard of this method before! My tablet has not been out of the house for 6 months and only my immediate family have had access to it. I have factory reset the tablet anyway but am just curious about it all.
One reason I don't have any bank details on my smartphone or tablet. I have the free version of Lookout installed on both just in case.
I had AVG installed but that didn't seem to do the job.
The fraudsters must be a bit dumb as there is obviously a delivery address. The residents will of course deny all knowledge but I guess the address will now be 'flagged' for fraud. Well I hope so anyway.
Out of couristy, which tablet and what operating system are you running?
As has been said don't link a Credit Card with your tablet. Kindle users in particular should take note.
To the OP - is it used by several members of your family and if so it would be worth looking at what's been downloaded recently.
With the rise of the tablet it's clear that they are going to be a target for hacker attacks.
Is it potentially your wifi that's been hacked rather than your tablet? Might be worth changing your wifi password too?
I have a Asus Transformer running Android. The browser that had the fraudulent auto filled email address was firefox. I am the only one that uses the tablet apart from the occassional browsing. I only download apps from google play.
I think I am right in saying it`s the tablet/browser that is compromised, not my router, because the auto fill was compromised. Does that sound right?
Sounds correct to me. I assume the email address would have been held in cookie data so presumably at some point typed into your tablet. Sounds very odd.
Last edited by Petewon; 8th February 2014 at 19:10.
Got me puzzled this one. It's odd that the autocomplete would show a suspect email address as surely they would have needed your email address to log into your account. What details did they actually change? I'm assuming they changed delivery address but was anything else changed?
Do you type in your user name and password every time you are logging on to your Sainsbury's account or do you use 'Remember me/my password'? If latter, it is possible that one of the websites you've visited recently 'pulled' your Sainsbury's account details including password from the browser cache/cookies. I'd remove any sensitive data from the tablet and upgrade it to the latest operating system and install the latest browser version as well. Apparently Android is leaky as a sieve and attacks are on the rise, or so I hear..
Last edited by VDG; 8th February 2014 at 23:32.
Fas est ab hoste doceri
It sounds far more likely that it's the sainsbury account that was hacked.
Yes, I had everything set to auto fill. No more auto fill on passwords for me.
I would have said it was the account that was hacked were it not for the email address appearing on the log in page. I am not saying I know what's happened, just what looks likely. I am happy to be corrected, that's why I asked on here.
Unless you have lent your tablet to the miscreants, it's most likely that the auto-fill details were completed by the website after the last use of the account.
Did Sainsbury's give you details of the address and name the account has been changed to?
If you I would suggest you report it to the police as a fraudulent transaction, if they have used their home address then they are fairly foolish...
If anyone has the technical ability and desire to hack an android tablet that's sat behind a router it's unlikely they'd be doing it just for just £350's worth of groceries.
I'd also assume this was Sainsbury's A/c not the hardware.
Slightly OT, but I'm getting a little bored of the "I've been hacked..." emails / DMs sent out by people on Twitter. Stop clicking on dodgy links, never install / run unexpected programs, and get some decent protection. It's highly unlikely that anyone has hacked you via Twitter; it's self-inflicted.
You will more than likely find it has filled out as a result of the auto fill.
When I start typing an email address in Chrome it starts by filling out someone else's email address until I get to the second letter as the first letter of my email address and the other persons both start with "s"
This is as a result of my phone running Chrome as well as my laptop so the two are synchronized,hence anyone I have emailed from my phone for instance is added as a contact to my Google account automatically.
Hence when I try typing my email address someone else's appears before mine.
I think you will find if you could dig deep enough the email address is probably someone you have dealt with in one way or another in the past.
This is an interesting and helpful thread.
On a PC or Mac a lot of the possible ways this could have been achieved would have been blocked or made less likely by use of a decent and up-to-date security suite, but it bet few (any?) of us use one on handheld devices. Do any of the handheld security apps help?
My understanding of Lookout (and find my iPhone! plus a load of others) is that they just find and wipe a stolen device, and some do a few extra things like photographing the perpetrator. How would that help here?
Given it's apparently possible to hack fairly dumb devices if they are connected to home networks then anything is possible. Clearly tablets need decent security software to be safe (ish) in the modern world.
Nope, autofill is a cookie stored by the computer.
I'm guessing, but since Sainsbury's quickly shutdown the account, I'd say they've been the ones compromised, and the cookie has been injected on the next visit.
Without the cookie injected, the previous one stored on the tablet would've had an unending expiry or one a few years from first created, and the OP's original details displayed.
I'm quite aware how it works, I was trying to simplify my posting.