Halifax online banking

Former Member

The last couple of times i've logged on a white box has come up asking for my information (see picture).

I havent put any in yet and i dont want to but i cant do anything or access my accounts while its there.

Im still waiting for a reply email from them but does anyone have any idea if this is safe or not?

Attachment not found.

Former Member

(I don't bank with Halifax, btw)

It sounds a bit dodgy to me. I have always been told that I would never be asked to confirm information like this. Yes, when I want to log in, I must enter a PIN and 4 characters of my password; but have never been asked for information like that.

What do you normally need to enter, in terms of information?

Former Member

My username and password and then a memorable word of which you're usually asked for 3 characters.

Its asking for the card number that got me, and how its worded (ATM #). We dont tend to use ATM in the uk

*Seany*

Hi Lexi99,
It's probably best to give Halifax a call to check this. Also try logging in with a different computer. It's possible that the computer you're using is infected with malware that recognises the site and serves you this box when you visit it.
Of course, it may just be a new feature, but banks do usually let you know when they change security features.
There's also some content on TheSite which you might find useful.

Don't panic, though - banks are usually good at dealing with this when they've been notified

Former Member

I think it probably is legitimate- all the usual security devices are there- but it's best to give them a call to make sure.

They will use "ATM" because not all cards they issue are debit cards. Also, certain other common phrases are actually trademarked to other banks; "hole in the wall", for example, is trademarked to Barclays and "cashpoint" is trademarked to Lloyds TSB.

Former Member

Report it, just to be safe.

Whilst it looks legit, there a some smart viruses doing the rounds which are changing how banking webpages look. Whilst they still seem legit, and ask apparently legit questions, they are actually phishing.

Halifax will soon tell you if it's legit.

Former Member

I've not had to enter information totally specific to that before when setting up my Halifax online, but this may be because I got the bank to do it over the counter so they already had that info. I had to enter information myself when I first logged in, unless that's changed and they ask for more details. This was a few years ago though.

Former Member

I did have something similar to this (I am BOS) uses the same system/bank etc etc.

I did however not trust it and phoned the information in for security, waited 24 hours, tried logging in and it didn't ask.

Good luck, probably legit but you never know.

Former Member

Thanks everyone, i'll give them a call tomorrow

Former Member

I would be VERY wary of that. I've spoke to Leigh as he knows a bit more about this than me. It's possible an 'overlay' (the white box) has been put in/redirected to that web page. That's an awful lot of unecessary info they need. They would not need the whole card number, just the last 4/5 digits for a start. Memorable words are usually used for if you forget your log in details. They certainly don't need the expiry date of your card. Or your entire birthdate.
True some banks do use the expression ATM, but it could also be a negative point.

Your date of birth is mm/dd/yyyy every UK site i use is dd/mm/yyyy

How did you get to the banking site ? directly or from an email or something.

It''s possible it's perfectly ok but a particularly shit way of authenticating who you are.

Former Member

Just noticed it asked for your FULL memorable word, this is not right at all, also DOB is wrongly ordered.

Try right clicking the white box and hit properties, see the website if is coming from.

Former Member

Just thought too. Why is it asking you for these extra details AFTER you're logged into your account ?

Former Member

See

http://www.pcworld.com/article/141364/new_trojan_intercepts_online_banking_information.html

http://www.bbc.co.uk/news/technology-16812064

Scan your computer for viruses. If possible, try accessing your account from a completely different computer to see if the same sort of thing happens.

Former Member

I logged on today from the home computer and it was absolutely fine so my laptop must have something on it.

Im going to update my AVG before I scan but is there another programme that i should download for this? I know absoltely nothing about malware and which programme does what!

Former Member

Lexi99 wrote: »

I logged on today from the home computer and it was absolutely fine so my laptop must have something on it.

Im going to update my AVG before I scan but is there another programme that i should download for this? I know absoltely nothing about malware and which programme does what!

The two porgrams you really need are

AVG
Malwarebytes

Each work together very well and I've never had any problems, both personal or at work.

Former Member

I really don't like the look of it...

and why is your security shield red and crossed out?

Former Member

Because my laptops become retarded lately, i really need somebody to come in and sort it out. At the moment im trying to sort out Windows Defender and install the latest AVG (not at the same time) but my laptop just freezes up halfway through, and as i have no idea whats causing it, i dont know which services i need to have on or off :grump:

Former Member

Do it in safe mode, press F8 on boot. Disconnect from the web too, if your computers connected to the internet, depending on the infection, it can download more viruses.

Former Member

I tried that and AVG said something about having to reconfigure the system or something, would that still be safe to do in safe mode?

Former Member

In cases of unknown trojan/virus infection I'd generally recommend backing up important documents / files you want to retain, and reverting to factory defaults / re-installing windows.

Former Member

It would be safe to do it in safe mode, its just setting itself up. Run MWB in safe mode too. Even Spybot Search&Destroy is a handly app.

Do you know how you got infected? You should install Sandboxie in the future to help protect you better from rouge apps. Honestly I would do as Mist suggests, backup what you can (in safe mode) and reinstall Windows. Make sure you scan all your backed up files before putting them back though.

Former Member

Dont i have to have a disc to reinstall though? I have thought about it doing it before but i can see it all going totally tits up

Former Member

You would most likely need some kind of recovery or install disc, yes.

Former Member

Gah.

Well i seem to have gotten rid of the box on online banking now, just by using windows defender, but my laptop is now having trouble with installing updates so as of this moment i dont have any antivirus software, hmm

Former Member

Hi,

the pop-up appearing is as a result of an http injection into your browser from a trojan/malware. It is a variant of the ramnit trojan.
The information it it phishing for is to obtain your online banking details and also the information the fraudster will use to pass the bank's verification procedures.
If you haven't already done so, please contact your bank's fraud department.

Former Member

Hi there theguybehindyou,

Welcome to the boards. Thanks for posting too. However, we don't normally like people posting on old threads as that matter has probably been resolved already. So if you wanted to carry on the discussion or start a new one, please start a new thread.

Thanks.

I will close this thread now.