hacked in even with rapport - alliance-leicester

Comments

  • masonic
    masonic Posts: 27,642 Forumite
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    Mikey17 wrote: »
    Every time I try to access the first page of this thread I get this warning from my av

    Requested URL:hxxp://forums.moneysavingexpert.com/showthread.html?t=2357223
    Information:Contains recognition pattern of the HTML/Spoofing.Gen HTML script virus

    Has someone posted an infected link or something?

    Had to change the http ( not allowed to post links, as a new user )
    There is a link on that page that's broken (it says http://www.alliance-leicester.co.uk, but redirects to file:///). It's probably that one.
  • joe134
    joe134 Posts: 3,336 Forumite
    edited 10 April 2010 at 3:50PM
    masonic wrote: »
    What you are looking for is a file on your computer. It's a text file, so you need to open it using a text editor, such as Notepad. If you load Notepad first, you can then use it to open the file (using File -> Open) and then change the bit at the bottom that says "Text Documents - *.txt" to "All files - *.*". You can then find the file, which is located in the C:\Windows\System32\drivers\etc folder and is called "hosts".

    It sounds to me like the link you have in your favourites is taking you straight to the online banking page at A&L (mybank.alliance-leicester.co.uk), but when you type in www.alliance-leicester.co.uk, you are getting redirected to the spoof sites, or a spoof login form is being injected into the real A&L page (which happened to somebody else recently here).
    Hi, done as you said, 127.0.0.1 local host found. Underneath, ::1 local host found. Is this ok? Every entry after that has that code, thousands of them. I think what you say about A&L is correct. I remember the post as that was the same time I installed Rapport. Typed it in since and gone to secure site ok. Thanks again, forever in your debt. Good job there's not a bar, cost me a fortune.
  • masonic
    masonic Posts: 27,642 Forumite
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    joe134 wrote: »
    Hi, done as you said, 127.0.0.1 local host found. Underneath, ::1 local host found. Is this ok? Every entry after that has that code, thousands of them. I think what you say about A&L is correct. Typed it in since and gone to secure site ok. Thanks again, forever in your debt. Good job there's not a bar, cost me a fortune.
    That sounds ok. Anything starting 127.0.0.1 or ::1 is redirecting back to your computer. It's a clever way of blocking access to known bad sites. Those thousands of other entries would have been put there by some security software you have/had on your PC.
  • Eco_Miser
    Eco_Miser Posts: 4,902 Forumite
    Part of the Furniture 1,000 Posts Photogenic Name Dropper
    A little tip about bookmarks and their vulnerability to being changed by a virus.
    I created a web page, hosted on my own computer, to use as home page. It has links to all my frequently used sites (such as moneysavingexpert.com), and a link to a further page with all my financial sites (the trouble with chasing high rates is all the accounts that get opened). So it's just one or two clicks to get to the log-in page, but any malware would have to search the whole of my hard disks, then recognise the correct link to change - that's if it could get on my machine in the first place.
    Eco Miser
    Saving money for well over half a century
  • masonic
    masonic Posts: 27,642 Forumite
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    Eco_Miser wrote: »
    A little tip about bookmarks and their vulnerability to being changed by a virus.
    I created a web page, hosted on my own computer, to use as home page. It has links to all my frequently used sites (such as moneysavingexpert.com), and a link to a further page with all my financial sites (the trouble with chasing high rates is all the accounts that get opened). So it's just one or two clicks to get to the log-in page, but any malware would have to search the whole of my hard disks, then recognise the correct link to change - that's if it could get on my machine in the first place.
    That won't protect you if the malware inserted some entries in your hosts file, or intercepted the DNS queries from your computer. Either of those things could be used to misdirect your browser to a different IP address, even though the URL in your browser is correct.
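
Added example (not part of any post in this thread): a Python sketch of the hosts-file check discussed above. It separates loopback entries, which only block a site, from entries that point a name at some other address, which is the misdirection masonic describes. The sample file contents, the 203.0.113.10 address and the helper name `audit_hosts` are constructed for illustration.

```python
import ipaddress

# Constructed sample; a real file lives at C:\Windows\System32\drivers\etc\hosts
SAMPLE_HOSTS = """\
127.0.0.1       localhost
::1             localhost
127.0.0.1       ads.badsite.example      # blocklist entry
0.0.0.0         tracker.badsite.example
203.0.113.10    www.alliance-leicester.co.uk mybank.alliance-leicester.co.uk
not-an-ip       broken.example
"""

def audit_hosts(text, watched=()):
    """Classify hosts-file entries (audit_hosts is a hypothetical helper).

    Returns a dict with:
      blocked    - names sent to loopback/0.0.0.0 (the blocklist trick)
      redirected - (name, address, is_watched) for names sent elsewhere
      malformed  - (line number, text) for lines that do not parse
    """
    result = {"blocked": [], "redirected": [], "malformed": []}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            addr = None
        if addr is None or len(fields) < 2:
            result["malformed"].append((lineno, raw.strip()))
            continue
        for name in (f.lower().rstrip(".") for f in fields[1:]):
            if addr.is_loopback or addr.is_unspecified:
                if name != "localhost":
                    result["blocked"].append(name)
            else:
                # A watched (e.g. banking) name mapped off-box deserves a look.
                hit = any(name == w or name.endswith("." + w) for w in watched)
                result["redirected"].append((name, str(addr), hit))
    return result

if __name__ == "__main__":
    report = audit_hosts(SAMPLE_HOSTS, watched=("alliance-leicester.co.uk",))
    for name, addr, hit in report["redirected"]:
        print("WARNING" if hit else "note", name, "->", addr)
```
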
  • joe134
    joe134 Posts: 3,336 Forumite
    masonic wrote: »
    That sounds ok. Anything starting 127.0.0.1 or ::1 is redirecting back to your computer. It's a clever way of blocking access to known bad sites. Those thousands of other entries would have been put there by some security software you have/had on your PC.
    Cheers, I'm still looking at the live disk option, just plucking up the courage to change Bios 2 to 1, boot option. Just a bit wary of meddling within Bios until I know how to rectify any error on my behalf, which, knowing me, will occur. The eternal pessimist.
  • Eco_Miser
    Eco_Miser Posts: 4,902 Forumite
    Part of the Furniture 1,000 Posts Photogenic Name Dropper
    masonic wrote: »
    That won't protect you if the malware inserted some entries in your hosts file, or intercepted the DNS queries from your computer. Either of those things could be used to misdirect your browser to a different IP address, even though the URL in your browser is correct.
    That's true, but neither will typing the URL directly into the browser, nor any other way of getting to the desired site other than knowing the true IP address and using that - which is not a method I've seen advocated anywhere.
    Eco Miser
    Saving money for well over half a century
  • masonic
    masonic Posts: 27,642 Forumite
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    Eco_Miser wrote: »
    That's true, but neither will typing the URL directly into the browser, nor any other way of getting to the desired site other than knowing the true IP address and using that - which is not a method I've seen advocated anywhere.
    ...or you could just get to the site by any method you wish in the knowledge that you might not be at the site you think... and then check the SSL certificate to confirm you're in the right place before proceeding. URLs should not be trusted to get you to your internet banking website, whether they are in bookmarks, custom made web pages or typed into a browser.
  • Eco_Miser
    Eco_Miser Posts: 4,902 Forumite
    Part of the Furniture 1,000 Posts Photogenic Name Dropper
    masonic wrote: »
    URLs should not be trusted to get you to your internet banking website, whether they are in bookmarks, custom made web pages or typed into a browser.
    Quite, but as earlier in this thread the bank was warning specifically against using bookmarks, and someone else suggested using a search engine, I thought I'd provide my method of remembering the URL, safer than bookmarks and easier than typing.

    Are SSL certificates really unspoofable?
    Eco Miser
    Saving money for well over half a century
  • masonic
    masonic Posts: 27,642 Forumite
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    Eco_Miser wrote: »
    Are SSL certificates really unspoofable?
    They use public key cryptography and the most recent implementation is very robust, so they are theoretically unspoofable.

    The certificate contains the public key of the server, which is used to set up the encrypted connection. Since only the genuine website will be in possession of the matching private key, an encrypted connection cannot be set up between your computer and any website other than the one the certificate was intended for.

    The certificates are also digitally signed by a certifying authority. This means that you know that some checks have been done on the website owner (especially with the extended validation certificates, where you can be somewhat sure that the website really belongs to the owner listed in the certificate). You also know that the signed certificate cannot have been tampered with. If you trust this CA (for example VeriSign or Equifax) then you can be sure the certificate is genuine, BUT it is necessary to check that the CA is known to you (and doesn't suddenly change), because it's possible to configure a browser to trust certificates from anyone.

    So, you have a certificate that you can verify is authentic, which can only be used by the genuine website. If the details on the certificate match the site you are trying to reach, you can be sure you are communicating with that website.
This discussion has been closed.
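
Added example (not part of any post in this thread): a Python sketch of the two checks described in the last post, that the names on the certificate match the site you meant to reach and that the signing CA is the one you already know. The certificates are constructed dicts in the shape `ssl.SSLSocket.getpeercert()` returns; `bank.example`, both issuer names and the helper names are assumptions for illustration.

```python
import socket
import ssl

def fetch_cert(host, port=443):
    """Live fetch (needs network). The default context already rejects
    untrusted chains and wrong names; check_cert adds the issuer pin."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=10) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def _field(rdns, key):
    """Pull one attribute out of getpeercert()'s nested subject/issuer tuples."""
    return next((v for rdn in rdns for k, v in rdn if k == key), None)

def name_matches(pattern, host):
    """Exact match, or a '*' that stands for the left-most label only."""
    p = pattern.lower().split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def check_cert(cert, host, pinned_issuer_org):
    """Return a list of problems; an empty list means both checks passed."""
    problems = []
    sans = [v for t, v in cert.get("subjectAltName", ()) if t == "DNS"]
    if not any(name_matches(s, host) for s in sans):
        problems.append("name mismatch")
    issuer = _field(cert.get("issuer", ()), "organizationName")
    if issuer != pinned_issuer_org:          # the CA "suddenly changed"
        problems.append(f"issuer changed: {issuer!r}")
    return problems

# Constructed certificates in the dict shape ssl.SSLSocket.getpeercert() returns.
def _cert(issuer_org):
    return {"subject": ((("commonName", "www.bank.example"),),),
            "issuer": ((("organizationName", issuer_org),),),
            "subjectAltName": (("DNS", "www.bank.example"),
                               ("DNS", "*.secure.bank.example"))}

GENUINE = _cert("Example Trust CA")
SWAPPED = _cert("Local Proxy Root")   # same names, but a different signer

if __name__ == "__main__":
    print(check_cert(GENUINE, "www.bank.example", "Example Trust CA"))
    print(check_cert(SWAPPED, "www.bank.example", "Example Trust CA"))
```
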