Want to hand over your CIBC online banking details to identity thieves? You can do it by visiting dianaadams.ca and filling in the online form.
It’s not on the home page – you’ll have to dig a bit deeper or just visit this link that arrived via email this morning:
But whatever you do, don’t put your real CIBC information into the form. You’re not really on the CIBC website – it’s a page that’s been added to dianaadams.ca to help collect your banking information and pass it on to identity thieves.
Was Diana’s website hacked? Probably.
And since it’s a .ca site – meaning it’s likely Canadian – the polite thing to do would visit her site and look for a way to let her know. Unfortunately the home page consists of a few words, an image of a book cover, and a photo of our intrepid poet, writer, and troublemaker. No links. No contact information or form.
So a quick check of her domain name registration looking for an email or postal address. Or a phone number. But that information is hidden from public view. Same for her hosting company, Alberta-based Computer Engineering: no email contacts, no phone number, no physical address.
She appears to have a LinkedIn profile, but she’s not in my circle of connections. So how do you tell someone who’s taken the trouble to hide her domain name information that her site has apparently been hacked and turned into a phishing site that’s trying to grab online banking details from CIBC customers?
The bigger question is why hide your registration information in the first place. Besides making it easier for the Internet’s less savoury characters to make their mischief?
« A Fix for HTML Issues with the WordPress Visual Editor |
Google Plays “Hide the Free Version” with Apps for Domains »