Kitz Forum
Computer Software => Security => Topic started by: canon on April 20, 2007, 02:21:54 PM
-
Hi,
I noticed today (after a Firefox warning of an expired security certificate) that as I open the LTSB log-in page that other websites are connected as the page opens.
They are: rd.clickshift.com (security cert warning was on this one) and rd.admesa.com.
I had to do a video screen capture to read them!
Does anyone know what this is all about and can it be prevented?
Thanks,
Terry.
-
A Google search for 'rd.clickshift.com' seems to associate it with a site offering cheap flights to New Zealand, and a visit to the site results in a page which simply says 'It works'. rd.admesa.com appears to relate to a real estate agent. If I were you I would inform the bank IMMEDIATELY as you may have been caught by a trojan or something which intercepts your access to the online bank.
Eric
-
I looked at www.clickshift.com, part of webtrends.com, and that seemed to be a web site logging service - I assumed that it was something that LTSB used for stats. The admesa one is odd.
I have e-mailed them to ask about this.
I'm about to do a full AVG scan!
Terry.
-
I've done a full virus scan and there are no problems.
Further investigation shows that rd.admesa.com is also a Webtrends.com feature. Like rd.clickshift.com you get a page which says 'it works', but using Google toolbar to go back up the link it gets to Webtrends, a company that seems specialise in tracking web site users for their customers.
I'll wait with interest to see what LTSB say.
Terry.
-
Well it seems as though others have had the same problem: -
http://www.theregister.co.uk/2007/04/20/lloyds_tsb_cert_glitch/
What's worrying, despite me blocking cookies from LTSB and the other connected sites (clickshift etc) in Firefox, cookies still reappear after logging in. A couple are time out cookies which is ok but the other 2 I'm not sure about.
I also now realise that connections are made to clickshft etc when logging in on a secure page! LSTB have got some explanation to do.
Terry.
-
OK, it looks as though your money is not at risk, but better safe etc. :) I agree that the bank has some explaining to do.
Eric
-
Well, I got a reply from LTSB. They said that the expired certificate should have been accepted and gave a link to their help pages on how to check certificates. The example given is clearly a LTSB cert but the expired one certainly was not.
I've replied and told them that was really bad advise from a bank!
They did not tell me why my transactions were being linked to another non LTSB site so I've asked about that again too. I do know why of course - it's for marketing stats but it's another risk with respect to security.
I might continue to stir it with them, if e-mails don't give good/honest answers, it'll be a letter next!
Terry.
-
Yes, if you've got the energy I think it is worth stirring. It's your money which they are putting at risk.
Eric
-
For a little bit of added safety, you could always use SpoofStick.
This will sit on your toolbar and shows the correct name of the site you have entered.
Should you ever be either re-directed or log onto a phony site it will display the site name.
http://www.spoofstick.com/ (http://www.spoofstick.com/)
Hope this may be of use to any-one.
-
For a little bit of added safety, you could always use SpoofStick.
This will sit on your toolbar and shows the correct name of the site you have entered.
Should you ever be either re-directed or log onto a phony site it will display the site name.
http://www.spoofstick.com/ (http://www.spoofstick.com/)
Hope this may be of use to any-one.
It's no good for firefox 2 !
Michael.