Your browser isn't supported
It looks like you're using an old web browser. To get the most out of the site and to ensure guides display correctly, we suggest upgrading your browser now. Download the latest:

Welcome to the MSE Forums

We're home to a fantastic community of MoneySavers but anyone can post. Please exercise caution & report spam, illegal, offensive or libellous posts/messages: click "report" or email forumteam@.

Search
  • FIRST POST
    • olbas_oil
    • By olbas_oil 11th Sep 17, 10:49 AM
    • 168Posts
    • 83Thanks
    olbas_oil
    Santander site - malicious code?
    • #1
    • 11th Sep 17, 10:49 AM
    Santander site - malicious code? 11th Sep 17 at 10:49 AM
    I was logged into Santander, and wanted to apply for a Savings account. The screen shows a set of links on the right under the heading 'Apply Online'.
    When I hover over any of those links, I see the address 'http://ad-emea.doubleclick.net'. If I follow the link it does redirect to the correct Santander page, but via 'ad-emea.doubleclick.net' where it presumably records my visit.

    Googling 'ad-emea.doubleclick.net' suggests that it is strongly associated with malware. This is obviously very worrying on a secure online banking page. Santander twice confirmed that they do not redirect to this site and suggest that the links may be due to some local virus. but I have spent a couple of hours scanning with different products, and have found no trace.

    If you bank online, via a browser, with Santander, could you confirm that you do not have these odd links under the 'Apply Online' column (once logged in). Don't click the link itself, because it happens so fast you won't notice, but hover over the link, or right click and copy the link to paste into Notepad.
Page 1
    • RG2015
    • By RG2015 11th Sep 17, 11:10 AM
    • 298 Posts
    • 106 Thanks
    RG2015
    • #2
    • 11th Sep 17, 11:10 AM
    • #2
    • 11th Sep 17, 11:10 AM
    Hi olbas_oil,

    I get the same as you so it is not a local virus. The link is as below although I have inserted some spaces so nobody inadvertently gets directed there.

    http:// ad-emea.doubleclick.net/clk;233457561;57439610;k
    • fabsaver
    • By fabsaver 11th Sep 17, 11:13 AM
    • 840 Posts
    • 1,341 Thanks
    fabsaver
    • #3
    • 11th Sep 17, 11:13 AM
    • #3
    • 11th Sep 17, 11:13 AM
    I get the same too. If I try and click on one of the links my uBlock browser extension steps in and blocks it.
    • AndyPK
    • By AndyPK 11th Sep 17, 12:34 PM
    • 2,323 Posts
    • 618 Thanks
    AndyPK
    • #4
    • 11th Sep 17, 12:34 PM
    • #4
    • 11th Sep 17, 12:34 PM
    yeah I have those links too.
    • olbas_oil
    • By olbas_oil 11th Sep 17, 12:58 PM
    • 168 Posts
    • 83 Thanks
    olbas_oil
    • #5
    • 11th Sep 17, 12:58 PM
    • #5
    • 11th Sep 17, 12:58 PM
    Many thanks for confirming that. I am slightly relieved that it is not a local virus, but cross with Santander for stating categorically that these links were not produced by them, and recommending I use a virus scanner.
    I am used to ads appearing via google adwords etc, but this seems entirely inappropriate on a secure internet banking page. What information is being passed to doubleclick.net and why?
    • msallen
    • By msallen 11th Sep 17, 1:21 PM
    • 526 Posts
    • 439 Thanks
    msallen
    • #6
    • 11th Sep 17, 1:21 PM
    • #6
    • 11th Sep 17, 1:21 PM
    These links take you (via the redirection) to a general public page for the product in question - not one where you are logged in, so I suspect they are just the same URLs as would be used when advertising Santander products externally. No account specific info about you is passed along with the link.
    • olbas_oil
    • By olbas_oil 11th Sep 17, 1:59 PM
    • 168 Posts
    • 83 Thanks
    olbas_oil
    • #7
    • 11th Sep 17, 1:59 PM
    • #7
    • 11th Sep 17, 1:59 PM
    These links take you (via the redirection) to a general public page for the product in question - not one where you are logged in, so I suspect they are just the same URLs as would be used when advertising Santander products externally. No account specific info about you is passed along with the link.
    Originally posted by msallen
    But why the redirection? Why not a direct link to the public page? Something is being tracked...
    • SnowTiger
    • By SnowTiger 11th Sep 17, 3:18 PM
    • 3,035 Posts
    • 2,000 Thanks
    SnowTiger
    • #8
    • 11th Sep 17, 3:18 PM
    • #8
    • 11th Sep 17, 3:18 PM
    DoubleClick is owned by Google.

    It's, basically, usually used to track users and their activities.

    MSE uses a similar service called Chartbeat.
    • olbas_oil
    • By olbas_oil 11th Sep 17, 4:48 PM
    • 168 Posts
    • 83 Thanks
    olbas_oil
    • #9
    • 11th Sep 17, 4:48 PM
    • #9
    • 11th Sep 17, 4:48 PM
    DoubleClick is owned by Google.

    It's, basically, usually used to track users and their activities.

    MSE uses a similar service called Chartbeat.
    Originally posted by SnowTiger
    But who inserted those links into the webpage? Santander twice on the phone and once by secure message said that they did not generate the links, and that they have had other customers notifying them of the issue. Are they simply incompetent?

    ... and why do they need to track me from a Santander webpage to another Santander webpage. Are they paying themselves commission if I open a savings account? Or are they comparing notes with other banks, selling on customer data?
    • SnowTiger
    • By SnowTiger 11th Sep 17, 5:01 PM
    • 3,035 Posts
    • 2,000 Thanks
    SnowTiger
    But who inserted those links into the webpage? Santander twice on the phone and once by secure message said that they did not generate the links, and that they have had other customers notifying them of the issue. Are they simply incompetent?
    Originally posted by olbas_oil
    It's probably something its customer service staff isn't aware of.

    They should escalate the queries, especially as they've received several.

    ... and why do they need to track me from a Santander webpage to another Santander webpage. Are they paying themselves commission if I open a savings account? Or are they comparing notes with other banks, selling on customer data?
    Originally posted by olbas_oil
    Most large website track users and what they do.

    As I mentioned, even this website does it.

    It's useful to know what's popular and what's not and how users navigate around a website.
    • robatwork
    • By robatwork 12th Sep 17, 9:02 PM
    • 3,905 Posts
    • 4,229 Thanks
    robatwork
    Actually this is a very fair point to show the hypocrisy / incompetence of the mixed messages we get from banks.

    They are constantly sending out missives on how to avoid being scammed, and one of the main ways is to ensure the link you are clicking on matches the domain you think you are going to. Now I know that doubleclick are a very old established tracking site unlikely to give me spam, but I've been on the interweb since the 1990s. I still wouldn't click them though.

    There are other ways for Santander and the rest to track click-throughs. This really is bad web design.
    • polymaff
    • By polymaff 13th Sep 17, 7:32 PM
    • 1,676 Posts
    • 716 Thanks
    polymaff
    This isn't a specifically Santander issue. All of the banks seem to allow third parties to participate in what should be a minimal environment.

    And they all deny that they do it.
    • TrustyOven
    • By TrustyOven 13th Sep 17, 10:04 PM
    • 606 Posts
    • 639 Thanks
    TrustyOven
    NoScript reports:

    http://www.santander.co.uk/uk/savings/esaver

    wants to execute scripts from doubleclick.

    This is why I love NoScript.

    Why should we run 3rd party scripts on behalf of a site?
    Remember, those scripts are running in your browser, on your computer. Someone else's scripts. Not directly related to the site you are browsing to. On your computer. Many scare, such annoy, so Doge. Wow!
    Goals
    Save £12k in 2017 #016 (£4212.06 / £10k) (42.12%)
    Save £12k in 2016 #041 (£4558.28 / £6k) (75.97%)
    Save £12k in 2014 #192 (£4115.62 / £5k) (82.3%)
    • spenderdave
    • By spenderdave 14th Sep 17, 7:05 AM
    • 407 Posts
    • 231 Thanks
    spenderdave
    These adlinks have been used by Santander for years. When I have encountered them in the past my hosts file (MVPSHosts, now UBlock) blocked them and I had to disable my ad filter to proceed. Customer services are probably indeed unaware of them. Maybe innocent but going from a logged in secure page to one which is not is not what banks should be doing. Complain strongly once you find somebody who understands the problem.
Welcome to our new Forum!

Our aim is to save you money quickly and easily. We hope you like it!

Forum Team Contact us

Live Stats

1,371Posts Today

6,050Users online

Martin's Twitter
  • Shana tova umetuka - a sweet Jewish New Year to all celebrating. I won't be online the rest of t'week, as I take the time to be with family

  • Dear Steve. Please note doing a poll to ask people's opinion does not in itself imply an opinion! https://t.co/UGvWlMURxy

  • Luciana is on the advisory board of @mmhpi (we have MPs from most parties) https://t.co/n99NAxGAAQ

  • Follow Martin