Santander site - malicious code?
Options
olbas_oil
Posts: 318 Forumite
I was logged into Santander, and wanted to apply for a Savings account. The screen shows a set of links on the right under the heading 'Apply Online'.
When I hover over any of those links, I see the address 'http://ad-emea.doubleclick.net'. If I follow the link it does redirect to the correct Santander page, but via 'ad-emea.doubleclick.net' where it presumably records my visit.
Googling 'ad-emea.doubleclick.net' suggests that it is strongly associated with malware. This is obviously very worrying on a secure online banking page. Santander twice confirmed that they do not redirect to this site and suggest that the links may be due to some local virus. but I have spent a couple of hours scanning with different products, and have found no trace.
If you bank online, via a browser, with Santander, could you confirm that you do not have these odd links under the 'Apply Online' column (once logged in). Don't click the link itself, because it happens so fast you won't notice, but hover over the link, or right click and copy the link to paste into Notepad.
When I hover over any of those links, I see the address 'http://ad-emea.doubleclick.net'. If I follow the link it does redirect to the correct Santander page, but via 'ad-emea.doubleclick.net' where it presumably records my visit.
Googling 'ad-emea.doubleclick.net' suggests that it is strongly associated with malware. This is obviously very worrying on a secure online banking page. Santander twice confirmed that they do not redirect to this site and suggest that the links may be due to some local virus. but I have spent a couple of hours scanning with different products, and have found no trace.
If you bank online, via a browser, with Santander, could you confirm that you do not have these odd links under the 'Apply Online' column (once logged in). Don't click the link itself, because it happens so fast you won't notice, but hover over the link, or right click and copy the link to paste into Notepad.
0
Comments
-
Hi olbas_oil,
I get the same as you so it is not a local virus. The link is as below although I have inserted some spaces so nobody inadvertently gets directed there.
http:// ad-emea.doubleclick.net/clk;233457561;57439610;k0 -
I get the same too. If I try and click on one of the links my uBlock browser extension steps in and blocks it.0
-
yeah I have those links too.0
-
Many thanks for confirming that. I am slightly relieved that it is not a local virus, but cross with Santander for stating categorically that these links were not produced by them, and recommending I use a virus scanner.
I am used to ads appearing via google adwords etc, but this seems entirely inappropriate on a secure internet banking page. What information is being passed to doubleclick.net and why?0 -
These links take you (via the redirection) to a general public page for the product in question - not one where you are logged in, so I suspect they are just the same URLs as would be used when advertising Santander products externally. No account specific info about you is passed along with the link.0
-
These links take you (via the redirection) to a general public page for the product in question - not one where you are logged in, so I suspect they are just the same URLs as would be used when advertising Santander products externally. No account specific info about you is passed along with the link.
But why the redirection? Why not a direct link to the public page? Something is being tracked...0 -
DoubleClick is owned by Google.
It's, basically, usually used to track users and their activities.
MSE uses a similar service called Chartbeat.0 -
DoubleClick is owned by Google.
It's, basically, usually used to track users and their activities.
MSE uses a similar service called Chartbeat.
But who inserted those links into the webpage? Santander twice on the phone and once by secure message said that they did not generate the links, and that they have had other customers notifying them of the issue. Are they simply incompetent?
... and why do they need to track me from a Santander webpage to another Santander webpage. Are they paying themselves commission if I open a savings account? Or are they comparing notes with other banks, selling on customer data?0 -
But who inserted those links into the webpage? Santander twice on the phone and once by secure message said that they did not generate the links, and that they have had other customers notifying them of the issue. Are they simply incompetent?
It's probably something its customer service staff isn't aware of.
They should escalate the queries, especially as they've received several.... and why do they need to track me from a Santander webpage to another Santander webpage. Are they paying themselves commission if I open a savings account? Or are they comparing notes with other banks, selling on customer data?
Most large website track users and what they do.
As I mentioned, even this website does it.
It's useful to know what's popular and what's not and how users navigate around a website.0 -
Actually this is a very fair point to show the hypocrisy / incompetence of the mixed messages we get from banks.
They are constantly sending out missives on how to avoid being scammed, and one of the main ways is to ensure the link you are clicking on matches the domain you think you are going to. Now I know that doubleclick are a very old established tracking site unlikely to give me spam, but I've been on the interweb since the 1990s. I still wouldn't click them though.
There are other ways for Santander and the rest to track click-throughs. This really is bad web design.0
This discussion has been closed.
Categories
- All Categories
- 343.2K Banking & Borrowing
- 250.1K Reduce Debt & Boost Income
- 449.7K Spending & Discounts
- 235.3K Work, Benefits & Business
- 608.1K Mortgages, Homes & Bills
- 173.1K Life & Family
- 248K Travel & Transport
- 1.5M Hobbies & Leisure
- 15.9K Discuss & Feedback
- 15.1K Coronavirus Support Boards