We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
I was linked into an online bank account!
Comments
-
Thanks for your post but it was not a random email.
Here's the link to the login page at Nationwide;
https://olb2.nationet.com/0 -
And here's a screen shot of the word doc... I have smudged some of the accounts personal details...
0 -
Hi
OK - that looks good -
http://www.networksolutions.com/whois/results.jsp?domain=nationet.com
the URL above will take you to the whois record and that looks fine. Massive security hole then by the looks of it.0 -
Thanks for your post but it was not a random email.
Here's the link to the login page at Nationwide;
https://***********
https://************.com....... is the real url for Nationwide Internet Banking, I guess the ID= gives the full login details.0 -
report it to Nationwide then... or make sure the account holder does so.0
-
I wonder what Nationwide might have to say about it...
It's over to you guys!
I must log off now as I'm up at 5am, I'll check for updates to this post in the morning.
Best regards0 -
If this is true, and it sounds like it, it's a very major security flaw. Internet banking security should check that the IP address you are accessing their site from doesn't change half-way through the transaction!0
-
I don't see this as a major security flaw by the bank.
The only reason that the OP could access the link was because some computer illiterate individual managed to copy and paste a live link from her account page, and send it to him. If she had not done that, there would be no problem.
If proof of a transaction is needed, what's wrong with getting a pdf print of the page and emailing it ?
Or better still, what's wrong with Paypal ? OK it costs but it's less risky than this situation.
Can anyone else replicate the problem with their own online banking ?Karma is a wonderful thing.
0 -
Hi, thanks for your input and I can understand what you’re saying, but many people aren’t as computer literate as yourself. There aren’t many who might know how to create a PDF from a web page. I myself might have simply pressed ‘Print Screen’ and pasted the image of the screen to a word doc.
But surely there’s no harm in copying and pasting text from a webpage? If I was to logon to this forum and then paste to you the link would you be able to post in my name? I would hope not. So how is it that I could access this account?0 -
I don't see this as a major security flaw by the bank.
It is a security flaw, I run some websites and live links to members areas do not allow access to those pages and will redirect the user to the login page. It is open to abuse, so it is in fact a lapse in their security. It is expected that online banking does not have holes in it like this.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350K Banking & Borrowing
- 252.7K Reduce Debt & Boost Income
- 453.1K Spending & Discounts
- 243K Work, Benefits & Business
- 597.4K Mortgages, Homes & Bills
- 176.5K Life & Family
- 256K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards