www.boibusinesscards.ie/

goose06 · 09-06-2015 11:13am #1

Hi Reps,

Microsoft are reporting the above site as being unsafe and used in phishing campaigns, can you get FirstData to fix this please.

Bank of Ireland: Janet · 09-06-2015 2:14pm

goose06 wrote: »

Hi Reps,

Microsoft are reporting the above site as being unsafe and used in phishing campaigns, can you get FirstData to fix this please.

Hi goose06,

Thank you for contacting us on Boards.

We're sorry to hear of the difficulties you are experiencing. We will have this looked into and come back to you asap.

Janette

goose06 · 09-06-2015 2:33pm

Thanks Janette

Bank of Ireland: Janet · 10-06-2015 10:36am

goose06 wrote: »

Thanks Janette

Hi goose06,

We're still investigating this for you. If you would like to send a PM with your name and phone number FirstData can contact you to help further.

I hope this helps,

Thanks

Janette

goose06 · 10-06-2015 10:58am

Hi Janette,

I work in the IT department in my company and one of the staff members alerted me of this issue as she was unable to access the site after speaking to FirstData who told her to clear her browser's cache. This will not resolve the problem as this site is being linked to Phishing campaigns and has being blacklisted by Microsoft so that needs to be resolved, it's pretty bad that activity linked to a major bank is being blacklisted like this.

I know that a user can bypass this warning by clicking on More Information and select disregard and continue but this is bad advice to be giving to your customers as this leaves them potentially vunerable if this site is compromised.

If you look at this link
https://www.ssllabs.com/ssltest/analyze.html?d=boibusinesscards.ie
you can see that the sites security leaves a lot to be desired so your IT Security team should be getting on to FirstData to resolve this.

goose06 · 10-06-2015 11:06am

FirstData should be contacting microsoft with the Report that this site does not contain threats link in the More Information Section of that page.

Bank of Ireland: Elaine · 10-06-2015 12:55pm

Thank you for the extra information goose06,

We are investigating this further and will respond to you here once we have an update.

Thank you again,
Elaine

Bank of Ireland: Sarah · 11-06-2015 9:28am

Hi goose06,

Just to advise we've received an update on this. The cause of the message has been identified and we expect to have this addressed over the coming days. Apologies for any inconvenience caused and thanks again for taking the time to get in touch with us here.

All the best,
Sarah

goose06 · 11-06-2015 10:25am

Thanks Sarah

Red Alert · 15-06-2015 10:34pm

They need to separately address the weak key strengths that are being used. This leaves customer data more vulnerable to eavesdropping on the wire than if strong ciphers were exclusively and preferentially used.

Tow · 16-06-2015 9:39am

Basic security patching of the server should have been included in their outsourcing contract.

Bank of Ireland: Tara P · 16-06-2015 9:58am

goose06 wrote: »

Thanks Sarah

Hi goose06,

Just a quick update on this, we have been advised that changes have been made and this should now be resolved.

If you are still getting this message you may need to clear your browser cache.

Thanks again for getting in touch and if you have any other queries please get in touch,

Tara C

goose06 · 16-06-2015 11:52am

Hi Tara,

Thanks for the update but they only updated the Cert they have left the underlying exploits open.

Bank of Ireland: Sarah · 16-06-2015 3:31pm

goose06 wrote: »

Hi Tara,

Thanks for the update but they only updated the Cert they have left the underlying exploits open.

Hi Goose06,

Thanks again for getting in touch today, we appreciate you taking the time to send this to us.

This has been passed on to our Visa Business Team.

Sarah

www.boibusinesscards.ie/

Comments