I had a call today from one of our clients saying the Halifax had told her she has a virus.
Basically she'd gone to log into their online banking, the first stage is to put in a username and password, then you're asked for 3 letters from your memorable word, however it was asking for the entire word and your date of birth.
She'd ran a scan with AVG which found nothing, then called us. Thankfully she hadn't put in her memorable word.
I connected to her PC and she showed me what was happening.
The typed in the address for the Halifax website and followed the links to internet banking. She put in her username and password and went to the next stage where it asked for the full word etc.
At the top was the correct address, showing green (she's using IE11) for a legitimate SSL certificate for Halifax. The malware overlayed a frame to obtain the memorable word and date of birth, and I have no doubt it would probably be able to detect the 3 letters requested and enter them so you'd log in and not thing anything was wrong.
Downloading and installing malwarebytes cleaned the system with a quick scan and the login page went back to asking for 3 letters.
I doubt only the Halifax is targeted by this sophisticated malware, so be on your guard if you use internet banking!
This is the place for posts that don't fit into any other category.
Messages: 4 • Page 1 of 1
- NOT Alistair or Simon
- Posts: 10222
- Joined: 01 Apr 2012, 09:47
- x 910
Although I don't do Internet banking, my mother does, so I have sent her a link to this post. Thanks.
Good post Xac. I'm aware of this already, doing what I do, but many others will not be..
- Posts: 1148
- Joined: 03 May 2009, 22:07
- x 2
Thanks Xac, a useful reminder to stay on our toes, & ensure we're always on the look-out for suspicious events/activities. Alas it's the penalty we pay for "progress".