Results 1 to 6 of 6

Thread: Hit by a Cloned Banking website

  1. #1

    Question Hit by a Cloned Banking website

    Hi All,

    yesterday I went to my bank's wbsite to access my account online.
    I saw that it was asking all the details (including security details) at the first page and
    being suspicious I called bank they told me that I'm diverted to a cloned website.
    I access the site from my friend's PC it works perfectly fine.
    Could anyone pleae tell me how can I fix this issue on my laptop so that I go to the correct website.

    Darknite
    The more one comes to know a man the more one admires a dog.

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    How up2date is your system? And what OS is it?
    Any anti-virus? Which one? Is that up2date?

    Have a look at your hosts file (c:\windows\system32\drivers\etc\hosts.). Review your TCP/IP settings, most notably the DNS settings.

    Run something like malwarebytes.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #3
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391
    also download and run combofix, and maybe give spybot search and destroy a run.

    im thinking maybe some DNS poisoning has taken place.

  4. #4
    AO's Filibustier Cheap Scotch Ron's Avatar
    Join Date
    Nov 2008
    Location
    Swamps of Jersey
    Posts
    378
    i agree with teabags.

    If the DNS and default gateway settings look OK on your machine, check the router's settings. I've seen cases where the workstation DNS gets changes to the routers address and the routers DNS is poisoned.

    Also, if the router was compromised, reset it and change the admin password. Cant tell you how many times I go to fix a problem only to find out the router password is still set to the default.
    Last edited by Cheap Scotch Ron; March 26th, 2009 at 12:15 PM. Reason: also...
    In God We Trust....Everything else we backup.

  5. #5
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Speaking of routers, do make sure you haven't been hit by Psyb0t..

    http://www.dronebl.org/blog/8
    http://www.adam.com.au/bogaurd/PSYB0T.pdf
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  6. #6

    Thumbs up

    Quote Originally Posted by SirDice View Post
    How up2date is your system? And what OS is it?
    Any anti-virus? Which one? Is that up2date?

    Have a look at your hosts file (c:\windows\system32\drivers\etc\hosts.). Review your TCP/IP settings, most notably the DNS settings.

    Run something like malwarebytes.
    Thanks for the advice SirDice, I've checked my AV, and found them up2date.
    hosts file was fine. TCP/IP and DNS settings I've checked, but not an expert to find anything
    wrong there.
    Then I tried malwarebytes, ran a quick scan, It picked up and delete the files, then I access my bank site and Voila, problem was fixed. I was accessing the real site rather than cloned site.

    Cheers.
    Darknite
    The more one comes to know a man the more one admires a dog.

Similar Threads

  1. Website Administration
    By jethro in forum The Security Tutorials Forum
    Replies: 4
    Last Post: August 9th, 2006, 10:13 AM
  2. Website to website malware scanning
    By Aspman in forum Spyware / Adware
    Replies: 20
    Last Post: November 21st, 2005, 09:07 AM
  3. Create a nice security for your website
    By Shrekkie in forum Tips and Tricks
    Replies: 1
    Last Post: June 11th, 2004, 05:41 AM
  4. Click for Traffic: Free website promotion
    By Negative in forum Other Tutorials Forum
    Replies: 6
    Last Post: December 29th, 2003, 08:05 PM
  5. Online Banking help!
    By Computernerd22 in forum AntiOnline's General Chit Chat
    Replies: 12
    Last Post: March 13th, 2003, 05:15 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •