OMG Bank of Scotland Fake Website!! Money stolen. Has anyone heard of this?

Mc4ndy

I'm not sure if my comment is relevant to this thread but I thought I'd post anyway.

From my limited experience the fake sites usually ask for full passwords etc, whereas real ones are just certain characters from it.. I think this is another indicator that something might be up. This is what I saw from phishing sites for A+L commercial.

Typo's are easy, especially if you're in a rush, or not concentrating etc and a typo seems to be what occured in this instance. I have bank sites in favourites, and have checked and double checked address, and I only every access through favourites so no typos and no phishing link mistakes can occur, but then the scammers get clever and cleverer all the time. Stories like this make me dislike the world just that little bit more. In the real world, this lady has just been mugged - would this have been her fault too? perhaps for not having learnt martial arts? I think not.

System

What a shame, it doesn't seem to be working anymore....

UNDERGROUND

Alfie_E

How on earth did this thread attract any critical posts? The OP posted a real, genuine and very important warning. The underlying website isn’t picked up by either the Firefox offline checker or the Google real-time checker.

albertross wrote: »

If they mistyped the url, It is phishing, not a trojan, so you owe some people an apology, they do know more about the subject than your BOS rep.

It’s not even phishing. Phishing is were the criminal instigates the action from the potential victim. This is typosquatting. Phishing is analogous to fishing. You need to put out bait on a line.

albertross wrote: »

one still works for me

Both domain names still resolve for me. As the DNS system relies on caching, it can take a little while to clear out all the instances of a record.

RichardJohn_2

moni72 wrote: »

Sorry but it seems you and RichardJohn are giving advice on something you don't know much about, hence the reason I am here asking for advice!

Firstly, having spoken to the BOS just now this is not referred to as PHISHING. PHISHING is more associated with emails, not fake websites. This has been some sort of trojan virus (which is too complicated to explain but is apparently explained in the security centres of banks' websites.)

It's not far fetched that it showed her her own bank account at all. It's a very clever program and the BOS Online Rep was not surprised by this.

They have confirmed that this is an imposter site and will escalate it immediately for investigation. So it seems they didn't know about this.

Thanks very much to those who responded helpfully and sympathetically which is what Martin designed the site for.

I feel sorry for the people who feel the need try and humiliate people for not being as street wise as they seem to THINK they are. Hope you are always more clever the con-artists!

Erm, yep, I don't know what I'm talking about, that's what it is!

This has nothing to do with "complicated trojans", it's simply the second step of the phishing scam. I'm willing to put money on the fact that this URL has been used in phishing emails, it's just that your family member arrived at it through a typo.

Kilty_2

TBH I think tougher control on domain registration is needed to also try and combat this kind of thing.

BTW - a trojan takes control of a user's machine in the background and performs tasks controlled by the infiltrator. This is not an example of one

Also - the only way you can login to your real account through it is by entering your details again when it hits the secure (real) BOS page. Didn't test it with my real account details, obviously :rotfl:

RichardJohn is right - don't rely on a site having HTTPS (and therefore a padlock in the status bar on your browser) - plenty of web hosting companies provide SSL certificates which would then allow them to appear secure for £15 to £20. ALWAYS check the URL that is displayed and if anything is suspicious at all (such as links not working, etc) then don't log in and contact your bank to inform them.

If you realise you've logged into such a website - logon to the real online banking gateway to change your details immediately and get on the phone to your bank to inform them. That way you've more chance of getting your money back if anything is stolen.

Rusty_2

The fraudulent site seems to put a certificate on your PC to identify the PC. Once you have 'signed in' the site then blocks access to the fraudulent site for the PC you are on. Thus, if you worry later you may have made a mistake and typed in the incorrect address and then type the incorrect address again it looks like the site is not available making the customer think that they must have got right the first time after all...clever and very nasty. It's very convincing to the novice or for someone in a hurry. I feel sorry for anyone caught by this, and very surprised BOS haven't done everything in their power to stop it - they do have the power to close on line banking until it's resolved or is this too much to ask?

moni72

Mikeyorks wrote: »

Oh dear .... you really haven't taken the time to understand anything in the bit you've quoted, have you. Too easy to simply berate anything that doesn't conform to your view of help.

So here's a helpful link :-

http://www.bankofscotlandhalifax.co.uk/securityandprivacy/whatyouneedtoknow.asp

- and it's the genuine one. It isn't a Trojan to blame - which is designed to gather the sort of info your relative gave freely, when they logged directly into the false site. And the link to phishing, that you've wholly misunderstood, is that a phishing Email will have a link to direct you to the false site.
But - owing to a typing error (as per your OP) your relative went directly to the false site. Trust that's clearer? The earlier posts were designed to be helpful, but admittedly tainted a bit by your aggression from the off.

It is the same as a phishing Email. It's just that your relative inadvertently cut out the need of the Email.

Goodnight.

Not so, what I am simply saying is that I don't know about these things so I came on here for advice, instead I was berated and belittled by yourself and RichardJohn.

And I do believe it was apparent to every other poster than I was not being aggressive but critical of the unnecessary way in which the first member responded to me.

I do apologise (which is more than I got from either of you two) if I misunderstood and if I quoted information given to me by the Bank of Scotland when I phoned them!

It is not me who is trying to appear as if I know it all.

PLEASE CONSIDER HOW YOU GIVE ADVICE IN FUTURE. SO AS NOT TO UPSET AN ALREADY UPSET MONEY SAVER!!!

moni72

Kilty wrote: »

TBH I think tougher control on domain registration is needed to also try and combat this kind of thing.

BTW - a trojan takes control of a user's machine in the background and performs tasks controlled by the infiltrator. This is not an example of one

Also - the only way you can login to your real account through it is by entering your details again when it hits the secure (real) BOS page. Didn't test it with my real account details, obviously :rotfl:

RichardJohn is right - don't rely on a site having HTTPS (and therefore a padlock in the status bar on your browser) - plenty of web hosting companies provide SSL certificates which would then allow them to appear secure for £15 to £20. ALWAYS check the URL that is displayed and if anything is suspicious at all (such as links not working, etc) then don't log in and contact your bank to inform them.

If you realise you've logged into such a website - logon to the real online banking gateway to change your details immediately and get on the phone to your bank to inform them. That way you've more chance of getting your money back if anything is stolen.

Thanks for your helpful and friendly reply. This is more like the kind of post that I would expect to get on Martin's site.

moni72

Just to let you know the money (£5K) has been returned to the account today!

The Bank indicated that these sort of transactions are all protected by their online guarantee.

As other people noted they seem to have closed down the imposter sites too.

For information, my family member indicated that she can't believe she gave out those personal details because she's normally so aware and careful. However, she was working on the computer at 3.30am and had just answered a long list of security questions at the Nationwide (genuinely them) the day before. She can't believe she gave the information out and having looked at the website again can clearly see it was fake. She has promised herself that she'll no longer be working on the bank account at that time in the morning again. Obviously she was awake but her brain wasn't fully engaged!

BTW she generally is very net-savvy having been working online since the internet's inception. Just bad timing and not being fully awake she got caught out. Lesson learned.

moni72

RichardJohn wrote: »

She should count herself lucky if she gets the money back. If you're not net-savvy enough to spot a phishing site, you shouldn't be using internet banking, or at the very least you should be using a browser that warns against them (Firefox, IE7, or using OpenDNS).

BTW she does use Firefox and has done for the last few years. It didn't warn her.