Natwest Online Banking - now a pain to log in

Soldato
Joined
31 May 2009
Posts
21,257
Yes, but thats the point, where do you look for security, to the damn browser bar, nice green colour, nice locked symbol, starts with a https address, and its the correct address.

Fine that i may know the flakey bit is below, but it looks seemless, if they had asked for just a small amount of detail less than they did, or if they had not used the ATM wording, or laid out their collection boxes in a more legitimate manner, then you could have been totally caught out.

I can explain in basic terms to most people what to look for, when they should look for safety and security, but this? If asked over a phone by one of my parents? I doubt I would have been able to explain things.

My bank, Ulster Bank, a subdiv of natwest and thus of RBS, does state on their login screens, that they will never ask for your card details, nor that they will never ask for a password or a pin number in full. That would be the saving grace.
 

Aod

Aod

Soldato
Joined
7 Oct 2004
Posts
8,662
Location
London
"That site" does not have a SSL certificate! The bank has a cert. The site shown in the address bar and the site shown in the browser display area are different.

and other than the suspicious grammar and the questions that the bank would never ask, how would anyone ever know the difference? as far as anyone would be concerned, the browser telling them that the site has a valid security certificate means that, obviously, the site they are CURRENTLY seeing has a vaid cert.
 
Associate
OP
Joined
30 Jun 2010
Posts
761
Location
UK
Hikari & Aod, that's exactly the point :) When all else looks fine, then only the questions would arouse suspicion and if they had been less obtrusive then I would have had no idea of the scam until I next checked my account to see it had been emptied. It's a clever and scary attack, but where does the vulnerability lie? It affected both browsers so whose responsibility is it to fix?

@Hikari, I downloaded nothing out of the ordinary, I'm pretty good with not opening random .exe's and visiting 'dodgy' sites and even so, NOD32 is running at every bootup, so... :confused:
 
Soldato
Joined
23 Sep 2005
Posts
5,465
Location
Fife
and other than the suspicious grammar and the questions that the bank would never ask, how would anyone ever know the difference? as far as anyone would be concerned, the browser telling them that the site has a valid security certificate means that, obviously, the site they are CURRENTLY seeing has a vaid cert.

They wouldn't.

You can put all kinds of security measures into your browser, but if its compromised via a rootkit or similar, the failsafes are worthless.

I would *hope* that using Firefox or Chrome wouldn't allow the rootkit to install in the first place, hence my earlier suggestion for using another browser.

If you're in the habit of surfing "dodgy" sites, I would create a VM just for this.
 
Associate
Joined
28 Sep 2005
Posts
1,282
Location
London
OP:
Currently about the safest way to use online banking would be to have a VM on your PC with some flavour of Linux on it (doesn't have to be but it's less of a malware target) and use that solely for internet banking and high security stuff. Keep your everyday browsing on your normal XP/Vista/7 install. That way anything you pick up from bumming around the web is kept totally separate of your secure browsing.
An additional bonus is if it's a shared PC other people's poor internet security habbits can't compromise your financial dealings either. Afterall, if a PC is shared, any one of it's users could have contracted the rootkit, and could do so again.

To some that would sound OTT but having just been duped yourself...would you risk being caught out again? The scams are only going to evolve and get better as time passes.
 
Soldato
Joined
24 Nov 2002
Posts
16,378
Location
38.744281°N 104.846806°W
OP:
Currently about the safest way to use online banking would be to have a VM on your PC with some flavour of Linux on it (doesn't have to be but it's less of a malware target) and use that solely for internet banking and high security stuff. Keep your everyday browsing on your normal XP/Vista/7 install. That way anything you pick up from bumming around the web is kept totally separate of your secure browsing.
People have too much time on their hands.
 
Associate
OP
Joined
30 Jun 2010
Posts
761
Location
UK
Yes indeed, it's all so obvious now :p Those warnings are like the stickies on this forum, they're there every time you log in so after a while you end up just glossing over them.

Lesson learned though etc.
 
Soldato
Joined
31 May 2009
Posts
21,257
Hikari & Aod, that's exactly the point :) When all else looks fine, then only the questions would arouse suspicion and if they had been less obtrusive then I would have had no idea of the scam until I next checked my account to see it had been emptied. It's a clever and scary attack, but where does the vulnerability lie? It affected both browsers so whose responsibility is it to fix?

@Hikari, I downloaded nothing out of the ordinary, I'm pretty good with not opening random .exe's and visiting 'dodgy' sites and even so, NOD32 is running at every bootup, so... :confused:

Still wonder what the hell the source of this is.
Thats the most worrying aspect.
Is your computer shared?
 
Back
Top Bottom