March 3rd, 2010

Online banking

In part 1 of my LUA series, I mentioned a virus that modified the HOSTS file on a PC. This meant that each time someone tried to connect to their banking website, they actually went to a fake website instead, even though they'd typed in the correct URL. This could also be a problem if your DNS server gets compromised, or if someone reconfigures your wireless router so that you use a rogue DNS server.

One way to protect yourself is to use https. If you know the correct address for the website, and you see a padlock in the address bar, you can be confident that this is the real site. (This isn't an absolute guarantee, e.g. if your PC is infected by a virus then it could add some self-signed certificates to your trusted store. However, it's certainly a step in the right direction.)Unfortunately, lots of banks haven't quite grasped this concept.

Collapse )

Edit: I've now set up a fake website to demonstrate what I'm talking about (see comments).