I have never been some one to type up my thoughts into a blog. However, you have to start some where....
This morning I got a E-Mail from Chase regarding my account. The E-Mail stated that they were closing out my old WaMu account and moving all my info over to the Chase system. My first thought was "Didn't they do that already" then I thought "well, they have a lot of customers to move" so I opened the E-Mail. The E-Mail said it was from "Chase Online Banking
". So I thought nothing of it. Then next test that I do is to see if the content of the E-Mail is text or if its a photo. So I tried to copy the text and I was successful! Below is a photo of the E-Mail.
Now that you have looked over the E-Mail, do you see any problems with it? I did! In the second line of text in the first paragraph it reads "Because We Moving On New Security System ,Wamu". I see a few BIG problems with that sentence. First, at the word "Need" the rest of the paragraph, with the exception of the bold part, is all initial caps. Second, is it just me or does that sentence have BAD grammar?
So if that was not enough to clue me into THIS IS A HACKER AND I WANT YOUR INFO! I decided to give the link a try. This is where it gets really scary! Below is the web site that I went to after following the link. Everything looks good to me. It looks like the normal Chase site.... but is it?
Take a look again at the URL....
It is "www.chase.com.ssl.account......" So i think I'm on Chase.com.... but am I? If you notice that the URL is "www.chase.com.ssl" not "https://www.chase.com". The "https" is a secure connection and the link from the E-Mail is not secure. Another problem with the link is the periods used in it. Normal URL links use a / not a period. After clicking on the link and going to the end, it turns out that the site is actually a sub domain that was set up on another site! Thus it is a hacker site. However, the owner of the hosting and the domain is not the one intending to have a fake bank account.
A Case Study...
At the beginning of this year a client of G Sharp Marketing had gotten a virus that watched what info he typed into web sites. This type of a virus is called a key-logger. The clients user-name and password was captured by the hacker and the hacker used this info to log into the site and set up a bank site inside of the clients existing site. Similar to the site that I talked about above. G Sharp was notified by our hosting company and we took the site down, changed passwords and made some modifications to security. However, despite our efforts the hacker got in again due to the virus on the clients computer. We realized that as soon as we gave the log in info over to the client the site would get hacked a few days after. We partnered with the client to develop a aggressive security plan and to make sure that it never happens again. Below is the out line of the security measures that we took.
- Virus scanner installed on ALL computers used to log into the site.
- Rebuild site from the ground up insuring to use all new code so that no infected code is in the new site.
- Implement a full site security system to watch every user on the site.
- Multi failed attempt lock out
- E-Mail and SMS alert when user logs in
- Site lock down if hack is attempted
After all security was implemented and the site was relaunched it has had 100% up time! We are proud to provide solutions like full site security to our clients. If you have any questions about full site security click "Contact Us" above.