I have no idea what EXACTLY happend, but here are some thoughts. 1. Windows OS computers can get infected by trojan horses, this can happen by just surfing around with your trusty old IE6 and getting a 0 day exploit injected into your Windows system. 2. If 1. happend then somebody _COULD_ get access to your PC from a remote machine. They _COULD_ also cirvumvent a Firewall if they have access to kernel level functions. All this is purely hypothetical. 3. If 2. happend, then the order would appear to IB as if the order was placed form your IP. 4. Think about it. Why didn't the fraud buy RIMM? Volume is too high, you'd need a $100 million account to move RIMM prices. They can't profit from it with a retail account. So what do they target instead? 5. Why do they buy a penny stock with your money? They can move it because INFX has super low volume. With 10k they can easily double the "stock price". 6. From some offshore account, they will SELL YOUR ACCOUNT the stocks they bought earlier. Example: They loaded up on the penny stock for 10 cents a stock and unload to your account for 40 cent. All this is possible because there is very very low volume in these penny stocks. 7. Look into your mail boxes. See all these penny stock emails? This is the same type of scammers. They try to drive up prices by ANY illegal means. Spam, hacking accounts... it seems to be worth it to these guys.
What I do: 1. I have a server (cheap old computer, in a seperate room that I lock) that is exclusively used for ordering via my IB TWS. All my charting and analysis software is running on my MAIN COMPUTER, which I use for email, surfing, etc. etc. If this main machine is compromised an attacker gains NOTHING. 2. All I run on that box is TWS, nothing else. I run Windows XP on that machine and I automatically update all Windows updates. Since TWS is Java you might even run Linux on it, probably not a bad idea. 3. I run two piece of software to secure the box a) NOD32 from http://www.eset.com. This is an industrial strength anti virus/trojan protection. b) AGNITUM FIREWALL from http://www.agnitum.com. Russian firewall. Think about it, these guys are born as hackers. Now they wrote the world's best firewall. 30 day free trial. 4. Look at this http://img291.echo.cx/img291/1924/screenkeyboard1kh.jpg This is the screenshot of the virtual on-screen keyboard found on my Windows XP. This keyboard can be accessed from Start>All Programs>Accessories> Accessibility>On-Screen Keyboard in windows XP. The main purpose of this keyboard is for mobility impaired users (who cannot type on the keyboard due to disability, but can use the mouse) I enter the usernames and passwords using this keyboard and even if there are any spyware logging keystrokes, they will not get hold of my IB TWS login information.
I like your idea of the virtual keyboard... but in some trojan you can see the screen from the victim... so in this case I think it didn't help...
Bob111 could you expand on your SSL comment? I agree 8 characters is too short for the password. Finally, it would be nice if after 3 failed logon attempts, to lock the account. That will significantly stop brute force password hacking, but have no effect on a compromised password. Also the ability to disapprove the ability for our accunts to perform wire transfers from our accounts might be productive also. I do like how the IB TWS does not auto fill in the userid after you type the first character. Anyone know how we can shut that feature off for our web browsers (firefox) and clear the histories?
Re the 8 characters ... thats only local security. If you want more security, one good option is to make your PC more secure. However the real security is in how little of personal use someone with your password can make. Your ebay passwords may be much more dangerous to your financial health - your banking passwords certainly. Transmission over the internet is encrypted with the same type of security (SSL) that banks use and you can use with encrypted email.
http://www.interactivebrokers.com/en/software/security.php i was thinking about possibility to hack data, that used by TWS user to communicate with IB server. i mean that orders data you are sending over internet from your TWS to IB travel not encrypted.. If this is true-then there is possibility, that someone else can send order from your IP address to buy or sell something. SSL will encrypt this data and reduce possibility of such event. All imo.
don't forget to post an update-- got to hear the end of this story. and they owe you an explanation the bastards.