We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Sygma Bank website
Comments
-
Can anyone tell me one thing about Sygma cards pls? I saw some people say that you can have more than one card with them,ie Flybe, JJB, etc,is this true ? I have been accepted for silver card does this mean i can apply for maybe a JJB one in 6 months? Or can you only hold one card with them?
Thanks..0 -
I got a Flybe card in June and then applied for a Silver Mastercard last week and was accepted. To be honest 6 months weren't up when I applied.0
-
Ok thanks. I will make a note to have a go in 6 months when i had the silver card long enough. Do they give the same limit on second cards or less?0
-
-
Ok thanks. I will make a note to have a go in 6 months when i had the silver card long enough. Do they give the same limit on second cards or less?
Not sure. Might be down to how well you run your account. My Flybe card has a limit of £1000. But with the Silver card they've granted me double that.0 -
Very strange. Sygma Bank (or https://www.creationfs.co.uk) sent me a letter last week saying my account had been compromised and they were changing the account number. I thought it may be used illegally, so I checked my credit report - fine. Checked the https://www.creationfs.co.uk website and no dodgy transactions there.
Now when I go onto the site and log in, I get an error message "Unexpected Error. Please call customer services on xxxxxxxxx".
Weird
Have they been hacked?
BTW - FlyBe was the company I got the card through...0 -
Surely calling them on 0121 7024620 is what you should be doing to find out?0
-
Got the same message today when trying to check my account online,i rang up customer services and they informed me there was an error with their site which their IT department were looking into.0
-
The fact is, the site is genuine, like it was genuine yesterday and the day before.
It does not matter whether it is expired or not, the connection is still secure and any data transmitted will continue to be encrypted. Just because it expired yesterday, doesn't mean the encrypted data can be decrypted by third parties. The certificate still holds the same security integrity as it did before expiring, and being expired does not make it any "weaker".
Now if the browser stated that the certificate does not match the site it was issued for, then that would be a whole different situation.
As I said in my previous post, working in the security field, I'd have thought you would have known this?
I'm hesitant to get into this, but given its importance I thought it was worth saying. I'm no IT security expert, although I have worked with SSL security protocols in a previous life.
Anyway. as everyone says, if this error pops up, then 99.9% of the time it is because a sys-admin has forgotten to renew a certificate, and you are still completely secure.
However, the remaining 0.01% of the time, it can indeed be the only warning that a man-in-the-middle attack has occurred (http://en.wikipedia.org/wiki/Man-in-the-middle_attack). As ElkyElky says, this is incredibly unlikely because the certificate has only expired - as they say, if "the certificate does not match the site it was issued for, then that would be a whole different situation" - then I would be extremely worried. But it is still technically possible - if difficult - for the hacker to create an expired certificate and expect people to click through and ignore the error. And let's be honest, how many of us just click through anyway, and don;t even read the error to see if it is an invalid subdomain, rather than an expired certificate?
For anyone interested in the technical details - and I stress that this is highly unlikely - then what this means is that a hacker can intercept and read all communication between you and the destination website. The usual way this happens is that a virus is installed on your PC - as here with ABM Amro http://www.finextra.com/fullstory.asp?id=16750, or Citibank here http://www.finextra.com/fullstory.asp?id=15570 - and this redirects all your communication to the hacker, who then forward on the data to the bank; the bank reply as normal, and the hacker passes this information back to you, but they can read your password/personal information or (worse case) insert extra information such as fake links into the response; so they could theoretically carry out transactions on their own and edit them out and remove them from what is shown to you on your screen.
It is also possible that the hacker, instead of installing a virus, could alter the public DNS record so the website now points to a different computer, one owned by the hacker - which then copies and forwards on etc etc. Now the web-admins would have to be asleep on the job to not notice this, but a) I've met a few sys-admins...say no more and b) if the hacker times it right, it could take a few hours to correct once discovers.
Now, as I said, this is a complex attack, and vanishingly rare - but even a few stolen log-ins can give the hacker a lot of money. It's up to you to then decide what the risk/reward is for you when you see this error; you'll be fine 99% of the time, but the other 1% of the time you could see a lot of damage done. Personally, I'd probably continue if making an order from a firm, but may be more cautious with my bank details.
Incidentally, if you are using a public WiFi network (in Starbucks or whatever), it's even easier for this sort of attack to happen if the WiFi owner has bad intentions. So if you are ever on a public connection, and see this sort of error - I'd stop.
Hope this is of interest,
Cheers
Drew0 -
Very strange. Sygma Bank (or www.creationfs.co.uk)
Now when I go onto the site and log in, I get an error message "Unexpected Error. Please call customer services on xxxxxxxxx".
This error is getting annoying. I haven't been able to log in to my online account for two months now.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.3K Banking & Borrowing
- 253.7K Reduce Debt & Boost Income
- 454.3K Spending & Discounts
- 245.3K Work, Benefits & Business
- 601.1K Mortgages, Homes & Bills
- 177.6K Life & Family
- 259.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards