I would like to know if the subject line is possible, and if so, how to detect it.
The issue arises as follows:
i) Yesterday I noticed that my available credit card balance was around £1000 lower than expected.
ii) I contacted my bank (Nationwide) to ask what the pending charges were. I did not recognise any of them.
iii) They informed me that the charges were all made via a device that I had used to make other, earlier, transactions. They told me some of these transactions and I was able to identify the device as my home laptop (it's a gaming laptop and has never left my desk). No other person has access to my apartment or my laptop. They say that they were able to confirm this by something called 'DeviceID'. They confirmed that this is not MacID, VolID, or IP, but would not go into any further details.
iv) I was able to obtain the times of the transactions from Nationwide. Three of the transactions occurred at a time when I was at the laptop, using it to watch Youtube videos and also to watch SkySports. The fourth transaction occurred while I was asleep.
v) I have checked my laptop with Malwarebytes and a couple of other antiviruses. I have checked my running processes one by one. I have run Netstat but not sure I would know a suspicious IP if I saw one and checking them manually seemed difficult. I have never installed any remote access software such as Teamviewer of any kind.
vi) (If it matters) My laptop is not connected by Wifi. I have (and at all material times had) an ethernet cable plugged into it directly from the router.
vii) (Also if it matters) Until I contacted my bank I had not the slightest idea that anything might possibly be wrong with my laptop. Malwarebytes has never found a threat, the laptop runs smoothly and fast without any slowdowns and just generally functions like one would expect a high-end gaming laptop to function.
Basically I don't think there is anything wrong with my laptop and think my bank are full of it when they say the transactions were made from my laptop. I think they are either (i) incompetent; or (ii) saying that my laptop is the source of the transactions so that they can deny my refund request (likely due to carelessness rather than malice).
First: is it even possible that someone else had access to my laptop remotely without my knowledge in this way? Second: if it is possible how could I find out if it was happening?