Our only URLs are

All other sites are scams – especially be wary of:

benumbs.cards & bennumb.cards & bennumbs.cards & benumb.cc & many more…

(it can be hard to notice the S and extra N if not careful.) 

Welcome to the real deal. 

Please bookmark this link — the other sites have simply copy/pasted our html and don’t actually have any cards to sell. 

They can be easy to fall for if you aren’t cautious!

9 thoughts on “Developing an Operational Security Plan to Protect $220,000 from a Possible Bank Account Breach”

  1. Congratulations on your first post in r/opsec! OPSEC is a mindset and thought process, not a single solution — meaning, when asking a question it’s a good idea to word it in a way that allows others to teach you the mindset rather than a single solution.

    Here’s an example of a bad question that is far too vague to explain the threat model first:

    > I want to stay safe on the internet. Which browser should I use?

    Here’s an example of a good question that explains the threat model without giving too much private information:

    > I don’t want to have anyone find my home address on the internet while I use it. Will using a particular browser help me?

    Here’s a bad answer (it depends on trusting that user entirely and doesn’t help you learn anything on your own) that you should report immediately:

    > You should use X browser because it is the most secure.

    Here’s a good answer to explains why it’s good for your specific threat model and also teaches the mindset of OPSEC:

    > Y browser has a function that warns you from accidentally sharing your home address on forms, but ultimately this is up to you to control by being vigilant and no single tool or solution will ever be a silver bullet for security. If you follow this, technically you can use any browser!

    If you see anyone offering advice that doesn’t feel like it is giving you the tools to make your *own* decisions and rather pushing you to a specific tool as a solution, feel free to report them. Giving advice in the form of a “silver bullet solution” is a bannable offense.

    *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/opsec) if you have any questions or concerns.*

  2. Call their fraud department and get your Acc temporarily locked. they will have logs including device fingerprints.

    Firefox 59 is one of the firefox versions used in a version of FraudFox so i would be worried.

    >I’m guessing that they compromised the password thru public wifi

    that doesnt work anymore.

    it may be an overreaction but ive done a full sweep before for less.

  3. Spyware or a password leak from some service linked to your bank (or the bank itself) seems most likely. You mentioned plaid/mint, are you using any of those services?

    For public wifi unless your bank is using HTTP for some crazy reason, I doubt that’s where anything happened.

  4. No 2FA for bank account access?

    Depending on what has happened here, the attacker (if there is one) would have been able to gather quite a bit of information about you (DOB, full name, address, places visited, spending habits etc.), and if you are worth targeting as an individual (high profile, govt employee, politician etc) then you may have to consider some major changes (move address, change banks, start shopping at different places, stop visiting you favourite coffee venue).

    Good Luck


Leave a Reply

%d bloggers like this: