Netflix won’t let me logon through my VPN. I’m cool with that because I understand they have copyright responsibilities under present laws. Anyway I only access the Aussie Netflix through our Aussie account. I am not breaking any laws. I just like the extra security of the VPN.
But twice in the last fortnight I have been locked out of my Commonwealth Bank Account. When I get onto the phone support, I am told I have a virus, that my password has been reset and that my personal questions will have to be changed. I am directed to download McAfee Stinger and run it before doing the foregoing. Of course, I don’t have a virus. On the second time, the CBA support person says she’s had other customers with the same VPN issue. I found Westpac won’t let me logon behind the VPN, but at least their scanning software seems to know it’s not a “virus”.
I have never had an issue with the CBA logging in . I use a VPN regularly . If it is a matter of your ISP address changing , in Australia we generally have a "dynamic " setting for our ISP address as a default setting in any case . Every time you turn your modem off and on a new ISP is generated , unless you have ticked " static " and wish to retain the same ISP address . I know for a fact over the last few weeks the CBA site has been down over night a number of times for updates and mods . Maybe this could be causing you a problem , although I have not experienced it ./
Regarding your VPN . The only time I have had similar issues was when I used ExpressVPN and BufferedVPN . Check the post on this forum ":Best VPN services . It may be of some use to you .
Beware banking phone support. Most of them have a scripted response that often concludes with “you have a virus, blah blah”. A few years ago I got an email solicitation from my bank, Westpac. I checked all the underlying source to be sure it looked dinkum before going to the linked site.
At the linked site, showing in the Westpac domain, I became suspicious and stopped, rang their support line to ask if this was indeed one of their campaigns, or have I fallen for something.
“OMG, alert, alas, virus, scam, must cancel your card, blah blah”. I questioned their advice based on knowing a bit about domain addressing and so on but they would have none of it to deviate from their script. A week later I got my new cards and the suspicious web site was confirmed as a Westpac campaign, implemented by some over-employed people.
I lit up their complaint line.
Take CBA’s advice about a VPN for what it might or might not be worth. You might try the Opera browser that has an inbuilt VPN feature. The VPN on-off control is at the left side of the https lock symbol.
If it does turn out to be a VPN block it might be worth a formal complaint. This is a recent consumer article with the pluses and minuses. If they are indeed blocking VPNs they are catering to government spying not providing security services; ask for them to state what they are doing in writing and complain to your MP as it could be a political not technical issue.
I have had the CBA issue twice. Both times using the VPN to appear as if coming for Euro countries. I have since used it as an Australian server address and not had the issue. When I had the problem of Commbank blocking me I knew what the issue was and told the help desk it was because I was using a VPN and they restored my access. This still meant however having to get a new password (not really an issue as I change it regularly), having to change my secret questions, and the first time having to enroll in Netcode.
So I think the CBA threat analysis software is picking up the new country and based on that it is blocking access thinking that your data has been compromised and someone else may be logging in. Annoying when it happens because of the changes you have to make but I am also grateful they are taking the time and effort to be sure your data is safer (not safe as this is impossible in this day and age).
Thanks vax2000. I’m using HMA and have for some years now (before VPN was popular–it just seemed a good idea). The only difference is that I have it on as a default. Right now my IP without the VPN is 180.150.38.226 which iplocation.net shows as in Melbourne (as expected). Switch on the VPN and my IP shows as 168.1.129.36 (on this occasion) which iplocation.net shows as being EITHER in Melbourne, or in the USA. The question I have is: Why did ExpressVPN and BufferedVPN cause “similar issues”?
Thanks grahroll. I don’t feel quite so alone. I agree with your analysis as the probable cause. I’m grateful for their diligence, too. Trouble is, I am sure to try to logon without first shutting down the VPN and have to go through this annoying rigmarole again. Using the Internet used to make things easy. Maybe I’ll get in the car and drive to the branch. It’d be quicker.
In retrospect Graham I realised I would have only been using an Australian server on my VPN , mainly for speed reasons ,when I logged into the CBA . I only drop about %10 over normal speeds , Telstra Telco , when the VPN is turned on . Perhaps if I was to use the European or other off shore servers I may have the same issues ./
Timely advice to me .Thank you .
@grahroll and @vax2000, I have encountered geoblocking but not with my financial institutions. The mere spectre could make international travel “very interesting” when your bank blocks you when you check your accounts from afar.
The CBA do advise you to let them know when you are traveling overseas, probably for this very reason. They also advise using Tele Banking rather than NetBank when OS to avoid info theft.
Anyone know how they would detect that I am behind a VPN? Obviously Netflix seems to know even though I only want to watch the Aussie service. I just logged into my account via the iPad app, also behind the same VPN. Seems to work and so far no triggered response from CBA. Mystified.
Suncorp is the same and they also strongly suggest you notify them of overseas travel and countries you will travelling to…if one plans to access account/use credit or debit cards overseas
If one doesn’t, there is a risk cards will be put on hold/automatically cancelled due to unforseen overseas transactions.
Agree with @grahroll about access from overseas IP addresses…it is a part of their anti-fraud/theft systems.
They, the Netflix, Hulu and so on providers, get traffic from IP addresses that over time show many multiple accounts using them, the IP addresses resolve to a known VPN service, they know where you live and your location via IP address is vastly different. They use all these and probably more tools to find if you are using a VPN or a proxy and then they block that address or range of addresses. They do provide contact details if you think you are being blocked incorrectly so that you can talk to their support personnel.
I think the bank mostly is picking up widely differing locations to your real location and are acting on that discrepancy rather than picking up that you are using a VPN, On the 2 occasions I was blocked I had said I was using a VPN and they responded that possibly was the reason and gave me back my access, I didn’t even have to run the McAfee tool they suggest normally. I currently use my VPN set to Australia now when contacting the bank and have not had any further blocks put in place to my Netbank. I don’t think that they would officially confirm how they do the detecting as this probably would help allow unscrupulous people to avoid being nabbed but I think the evidence is pretty solid.
You may be suffering an IP and/or a DNS leak, your RTCPeerConnection may be enabled. Your IP address should only resolve to where you are supposed to be coming from via your VPN. Go to this address and see what results you get:
@PhilT Yeh Phil you really have to feel sorry for the Banks . Making $ 2 billion plus profit a quarter . My heart bleeds for them . How do they survive ???
Tapadh leat
It is always the way, a very few ruin it for the rest of us. If criminals and terriorists did not exploit the benefits (which they do to try to stay anonymous), there wouldn’t be an issue with VPNs.
I can understand the banks though. They use https and I understand technically VPNs are not really needed as data between the user and the bank is already encrypted…I expect they would argue that using a VPN would reduce level of security especially if the traffic through the VPN is being watched. The banks can’t control what happens to the data is it goes through a VPN.
Two points, one being that https through a VPN is still https although it could be recorded for off-line cracking, and the other that they cannot control the ISP servers and network routers either. Much of a muchness in many ways. At what point is an excuse a valid reason rather than just a lame or lazy excuse?
