Information security experts are circulating a URI that injects an image of Mohammed Said al-Sahhaf, the legendary Iraqi information minister, onto the e-banking site of Sampo Bank. (View a screenshot.) This guest star was not chosen at random, but refers to the bank having repeatedly denied more subtly reported vulnerability examples.
An attacker would use a security hole such as this one to display a fake e-bank site that would appear real (since the URI begins with https://verkkopankki.sampopankki.fi/).
What do you think about the recent events surrounding Sampo Bank? Please post your comments!
External links:
- Sampo Bank (in Finnish)
- “eBanking” (Sampo Bank)
- APWG
- “Ei ***tu näin Danske Bank!” (in Finnish)
Post a Comment