-
March 26th, 2009, 10:33 AM
#1
Member
Hit by a Cloned Banking website
Hi All,
yesterday I went to my bank's wbsite to access my account online.
I saw that it was asking all the details (including security details) at the first page and
being suspicious I called bank they told me that I'm diverted to a cloned website.
I access the site from my friend's PC it works perfectly fine.
Could anyone pleae tell me how can I fix this issue on my laptop so that I go to the correct website.
Darknite
The more one comes to know a man the more one admires a dog.
-
March 26th, 2009, 10:53 AM
#2
How up2date is your system? And what OS is it?
Any anti-virus? Which one? Is that up2date?
Have a look at your hosts file (c:\windows\system32\drivers\etc\hosts.). Review your TCP/IP settings, most notably the DNS settings.
Run something like malwarebytes.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
March 26th, 2009, 11:28 AM
#3
also download and run combofix, and maybe give spybot search and destroy a run.
im thinking maybe some DNS poisoning has taken place.
-
March 26th, 2009, 12:11 PM
#4
i agree with teabags.
If the DNS and default gateway settings look OK on your machine, check the router's settings. I've seen cases where the workstation DNS gets changes to the routers address and the routers DNS is poisoned.
Also, if the router was compromised, reset it and change the admin password. Cant tell you how many times I go to fix a problem only to find out the router password is still set to the default.
Last edited by Cheap Scotch Ron; March 26th, 2009 at 12:15 PM.
Reason: also...
In God We Trust....Everything else we backup.
-
March 26th, 2009, 01:29 PM
#5
Oliver's Law:
Experience is something you don't get until just after you need it.
-
March 26th, 2009, 01:34 PM
#6
Member
Originally Posted by SirDice
How up2date is your system? And what OS is it?
Any anti-virus? Which one? Is that up2date?
Have a look at your hosts file (c:\windows\system32\drivers\etc\hosts.). Review your TCP/IP settings, most notably the DNS settings.
Run something like malwarebytes.
Thanks for the advice SirDice, I've checked my AV, and found them up2date.
hosts file was fine. TCP/IP and DNS settings I've checked, but not an expert to find anything
wrong there.
Then I tried malwarebytes, ran a quick scan, It picked up and delete the files, then I access my bank site and Voila, problem was fixed. I was accessing the real site rather than cloned site.
Cheers.
Darknite
The more one comes to know a man the more one admires a dog.
Similar Threads
-
By jethro in forum The Security Tutorials Forum
Replies: 4
Last Post: August 9th, 2006, 10:13 AM
-
By Aspman in forum Spyware / Adware
Replies: 20
Last Post: November 21st, 2005, 09:07 AM
-
By Shrekkie in forum Tips and Tricks
Replies: 1
Last Post: June 11th, 2004, 05:41 AM
-
By Negative in forum Other Tutorials Forum
Replies: 6
Last Post: December 29th, 2003, 08:05 PM
-
By Computernerd22 in forum AntiOnline's General Chit Chat
Replies: 12
Last Post: March 13th, 2003, 05:15 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|