Information security cognoscenti are circulating a URI that injects an image of Mohammed Said al-Sahhaf, the legendary Iraqi information minister, onto the e-banking site of Sampo Bank. (View a screenshot.) The choice of guest star was not made at random; it refers to the bank repeatedly having denied vulnerability examples reported more discreetly.
An attacker would use a security hole such as this one to display a fake e-bank site that would appear real (since the URI begins with https://verkkopankki.sampopankki.fi/).
What do you think about the recent events surrounding Sampo Bank? Please post your comments!
External links:
- Sampo Bank (in Finnish)
- “eBanking” (Sampo Bank)
- APWG
- “Ei ***tu näin Danske Bank!” (in Finnish)
One Comment
This should not happen.
Post a Comment