Phishing Virus affecting Tesco Banking website

I was recently called out to a customer who was having trouble logging in to her bank account (credit card) online. She was using Chrome to login to Tesco bank, and the symptoms she described to me immediately made me suspect there was something amiss with her computer.

She would go to the website and put in her username on the first page and click login. This would immediately take her to the “You have logged out” page.

She had contacted Tesco about this and been talked through trying the same thing with Internet Explorer, but with very different results. The amazing thing was that the support advisor made her do things that would compromise her account and then didn’t help her change her security details afterwards.

This is an account of what she saw, and what I subsequently reproduced later.

Screen One – Tesco Bank login screen – As expected

TescoSShotLogin

Username was entered into this screen and the Login button was pressed.

Next page – Where things get more suspicious…

Heartbleed – The Basics

heartbleed.jpgThere has been a lot of publicity recently about the Heartbleed Bug, but a lack of a basic explanation of how it affects people and what they can do about it. The advice and information given out by security companies should be considered more expert than this page, but this is an attempt to make the information more accessible to the non-technical.
A Q&A page answering some questions about the bug can be found here http://heartbleed.com/ . It may, however, be too technical to be useful to many.

OpenSSL is the technology used by many, but not all, sites on the internet that encrypt data to protect it during transmission. The bug means that it is possible for someone to access the data that is encrypted by affected versions of OpenSSL. It does this by compromising the keys used to encrypt the data. The versions of OpenSSL that are vulnerable in this way have been around for a couple of years so many sites around the web are affected.

What can you do?

There is a limit to what you as a user can do to protect yourself from this, as it is mainly based at the website end rather than at your computer (although routers and other devices can also be affected). However, if you want to be as safe as possible you can change your passwords for affected sites. This will only work if the site in question has fixed the bug in their system by updating their version of OpenSSL, so go to the website and check first, or consult the lists mentioned below. Changing your password before the site has been fixed will be wasted effort.

To find out whether a particular site is vulnerable, users of the Mozilla Firefox can download and install an add-on that automatically checks sites from here https://addons.mozilla.org/en-US/firefox/addon/heartbleed-checker/

Other users can test whether a site is vulnerable or has been fixed by going to this site https://lastpass.com/heartbleed/ and putting in the address of the site in question.

Check the organisations with which you hold sensitive information, ie banks, social media and email. If they were affected but have now issued a fix, change your password. If they are affected but haven’t patched there’s not a lot you can do yet. A list of a lot of major websites and whether they are affected can be found here http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

Home routers can also be affected, so it is worth checking the website of the manufacturer of your router to see if it is affected and if there is an update for the router firmware available.

Some websites have been proactive about informing their users of the dangers of Heartbleed, often by emailing and requesting that users change their passwords. It is important that you do not let this take precedence over advice you may have been given not to click on links in unsolicited email. It would be very bad practice (although some sites including Mumsnet have done it) to email users and request that they click on a link to change their password. Do not click on these links. Go to the site in question and do it from there. It would not be at all surprising to find senders of spam and “Phishing” emails sending out fakes email over the next few weeks claiming to be legitimately requesting you to change your password in an attempt to get you to give it away. If in doubt, hover the cursor over the link and the real destination will be shown in a little pop-up box, or in the bar along the bottom of your browser or mail client window. If it doesn’t look right or you are in any doubt you should never click a link in an email.

That’s about all you can do, I hope this helps!

Merry Christmas from HolmPC

A very Merry Christmas to everyone from HolmPC.

I’d like to thank everyone for their custom in 2012 and hope that all our customers are satisfied with the service.

Hopefully early 2012 will see a major revamp of the website, and more regular blog posting.

HolmPC computer repair and support Blog introduction

HolmPC is a computer repair, support, maintenance and training company based in North Holmwood, near Dorking.

My name is Matt, and I am a computer engineer with 15 years experience in small, medium and large IT companies. When you work in an computing environment in a company of only 5 people, you get used to doing a little bit of everything, and so over the years I picked up many tips and tricks. Windows has changed much in that time, and there’s always more to learn! I decided I wanted to help people into computing rather than consulting in London, so I set up HolmPC in April 2011.

We aim to help with all types of computing problem, from the simplest to the more complex. We understand that the whole idea of computing can be daunting to start with, and there is nothing more satisfying than helping someone new to take their first steps with a computer.

There are so many things that you can do with a computer to enhance your life that the time has come that everyone can benefit, even the most hardened technophobe! Whether it’s talking to your grandchildren the other side of the world on Skype, or just ordering your weekly groceries, the power of the Internet is now undeniable.

I like to think that what makes us different is attitude. Many computer companies laud their knowledge over the less well-informed. People are made to feel uncomfortable because they don’t know their RAM from their ROM, or their floppy drive from their hard drive. I know what this is like from many other subjects (some of my friends do the same to me regarding mountain-biking, of which I know next to nothing but still enjoy) and I do my utmost to avoid making people feel bad just because they are starting something new.

I’m hoping to post items to this blog to help people with the sort of problems they shouldn’t have to call out a company and pay to get solved. Hopefully I can help people to solve the simple things themselves, and save money! If you have a particular problem you’d like me to cover, please let me know and I’ll do my best to help.