Equitorial Bank Website Used For Interswitch 419 Scam

I got the mails several times, first I disregard it but it keeps coming so I was convince it could be geniune and decided to fill the form online.

Guest what?' tanx to my Norton Anti-Virus who block it immediately.

Please guys! shine your eyes well well oooooooo!!!

As a security expert, here are a few tips people should always observe:
1. No responsible financial institution will ever request you update your records over the Internet, knowing the risks involved. If in doubt contact the bank first by phone or visit a branch.
2. Always ensure the website URL begins with https (NOT http as shown in the image) when entering confidential information. HTTPS means a secure form of HTTP.
3. Always watch out for a padlock or key sign on the browser (location varies between browsers).
4. Always use the latest version of your web browser (this will have the full certificate hierarchy). Ideally no one should be using present day any browser below Firefox 3, IE 7 or Opera 9.
4. Click on the padlock or key to verify the authenticity of the site if in doubt. This will reveal the site's certificate and the issuer. If the site uses a self-issued or expired certificate, the browsers listed above will easily detect and warn the user. In fact IE7 or IE8 will not allow you access to the fraudulent page.

Having said these, it is possible to hack into legitimate sites and create links that redirect to fraudulent sites. Yes, and it can be quite easy if the website developers/administrators do not follow security guidelines when designing these sites. This can be a form of cross-site scripting.

A plain antivirus program does not protect from phishing. However most packages come as a bundle nowadays, with antivirus, firewall, antispam and antiphishing e.g. Norton 360. They will easily spot phishing attacks like this example but not more advanced ones.

Any questions feel free to ask!

 Am angry and may be not sure if it is that Interswitch doesn't know what to do to permanently restrict these scams from putting up things such as this. Its really damaging the fact that banks are sincerely trying to walk the IT path, which is a good development but with the scams at work, people wouldn't trust the result if they actually try using full IT system access. Pls good, righteous and indigenous Nigerians that are really good at these IT stuff shld come together in mind to find a lasting solution to this hindrance. 

Not much Interswitch can do, besides advising people on safe practices, like I listed in my earlier post. The real Interswitch site would have features to help identify it, for instance, only the legit interswitch site can begin with https and have a padlock sign, except they were careless to let a crook steal their server certificate!

simply go to www.whois.sc and type the website address into the address bar.

@ seun, i noticed that while posting replied, it gives a 504 gateway timeout. This is causing everyone to make their post twice,

Is it a temporary server issue? Kindly rectify it please if you can. God bless

@gbengaijot

Please how do I check for the Whois Record of a website, thanks.

Its not limited to equitorial trust bank thay picked bank at random,the content is enough to make an intellect think twice. (1) how can Bank cancel ATM transaction of Millions of their customers (2) what is the percentage of their customers that have access to the internet to get such information.

I believe the fraudster is sick and no matter the make belive of any website, I advise individual to visit the concerned Organisation for better clarification. As good as ICT there are great vices,its not limited to Nigeria. Hackers effort should be a training to experts,that is what should bring a good challenge to make ICT expert perform better

@Topic.

Amazing Grace, how sweet the sound.

How they hell , where they able to host in on the real banking website.

this should be investigated , probably the webmaster should be held.

How they hell , where they able to host in on the real banking website.

this should be investigated , probably the webmaster should be held.

i noticed this too. but when you post and get this, just refresh instead of going back and posting again.

From the replies i have read on this thread, its obvious that only a handfull are webmasters. This situation is a unique case. Its not the usual thing where the scammer sets up a fake website which is a clone of the original site and tries to get confidential information through that fake website.

This case is the case of a bank's real website, being hijacked and used to scam people. The consequences of this are absolutely grave,  ETB really need to get on top of this. As far as i'm concerned, these scammers have the power to do anything with the ETB website if they wish. The can even shut it down totally if the want.

The only mysterious thing is that how did they manage to gain access onto the webspace?? A question only the webmasters can answer.

How is it possible that this criminals got into ET Bank's website control panel and created a subdomain to upload a phishing website. believe me, the person incharge of managing ET Bank's website is directly responsible for this. As someone who has grounded knowledge in Etical hacking and forency investigation, i know well, how a website is hacked into, so u wont tell me to believe that the fraudstars actually hacked into ETB's website and used it to upload a fraud page.

Please other web programmers here should know what am talking about. Its only if the bank uses a kanel shell code which is vulnerable to attacks, or any other easy web uploading scripts that this happens. Moreso, this fraudstars are not even hackers because what they do is not regarding as hacking so they would not possibly be able to go into their cpanel.

I'm open to more arguments on this

The bank should question their site admin for this! PERIOD!

yesterday i got one from gtbank, which is the bank i use. i almost succumbed, til my firfox stopped me