Bank Niaga and Bank Bukopin Phishing Update 2008


Recently one of the biggest private bank in Indonesia, Bank Niaga -part of CIMB Group, and one of biggest state bank in Indonesia, Bank Bukopin, attacked by phishing for their internet banking service. Here is the detail of what happened:

1. Bank Niaga and Bank Bukopin cooperate with bank2home (pacomnet) to outsource its internet banking services.
2. There are some hacker who perform a social engineering process by redirecting the link using fake link as below:

http://secure.bank2home.com.cn/ib-niaga/Login.html
http://secure.bank2home.com.cn/appbukopin/

Compare to the original link that using https and no addition for .cn domain.
https://secure.bank2home.com/ib-niaga/Login.html
https://secure.bank2home.com/appbukopin/login.jsp

Do you have any opinion? about security in online banking?

Anjar Priandoyo, CISA


Bookmark/Search this post with:
  • Delicious
  • Digg
  • StumbleUpon
  • Propeller
  • Reddit
  • Magnoliacom
  • Newsvine
  • Furl
  • Facebook
  • Google
  • Yahoo
  • Technorati
  • Icerocket

Trackback URL for this post:

http://www.securityprocedure.com/trackback/30

User login

Who's online

There are currently 0 users and 3 guests online.