Cahoot Bank Scam - Fake Site re-direction

  IanS1 08:55 24 Feb 2011
Locked

Hi - I wonder if guys here can advise me re. a problem I just encountered when trying to access my on-line Cahoot Bank Account?

The problem is - I am automatically re-directed to a fake Cahoot site which looks ABSOLUTELY identical to the real site. The only difference is the fake site asks you for your Full password (whereas the real Cahoot site only ever asks for two characters from your password).

Fortunately I was not fooled and did not enter my full password.

I phoned Cahoot who say it's definitely a hacking problem on my laptop. And I have confirmed that on a neighbours computer, where I do get the authentic Cahoot bank website, ie the problem is only on my own laptop.

So my question is - (a)has anyone else reported this particular scam re. Cahoot Bank?, and (b)is there any way I can remove the offending scam from my laptop?

I have C-Cleaner, and Ad-Aware, and I've run those, without any threats being detected. I've also tried to run MacAfee, though I'm not really familiar with that and I don't know if I'm using that correctly, but again no obvious threats found.

However, the above are only free versions of those programs. Is it worth me paying for a more full version of something Norton in order to have a better chance of clearing the offending stuff off my laptop?

Any ideas?

Obviously this a very serious threat to anyone who uses Cahoot on-line, because as I say the fake website is 100% literally identical to Cahoot's real website, except the fake one asks for the full password.

Any suggestions very gratefully received.

Many thanks, Ian.

(ps - I am redirected to the fake site no matter whether I go to Cahoot via Google, or specifically via the address bar)

  Snrub 01:51 27 Feb 2011

forgot to add when you have done the above then create a favicon then just click on this when you want to link to Cahoot Website, simple!

  IanS1 14:49 13 Mar 2011

Hi Mgmcc and Snrub ... many thanks for trying to help ... sorry about this very delayed reply (I was away for the last 2 weeks trying to help care for a sick relative)... OK, so ...

... I tried typing in 193.127.193.36 as you suggested, and that brings up the Cahoot Login page, but when I login it still goes to the fake site, and still asks for the full password immediately.

I checked the URL which that goes to as you suggested, and it gives the following URL -


click here


which is almost identical to what you said, except you had LoginEntryServletBKS.


OK, so in other words it still appears to be going to the fake Cahoot site even when directly typing 193.127.193.36 into the address bar.

Any other ideas?

Does this begin to look as if this particular scam is so good that its' almost impossible to defeat it?

Incidentally, in my last phone conversation with Cahoot, they said the scammers could not get your full password in this way because they said that their genuine site asks for 2 characters from your password and that you are only allowed three login attempts, ie the most characters you could give away would be 3x2=6 characters (and passwords must be at least 8 chars long), so after those 3 attempts if you had still not supplied the correct characters then they say your account is automatically locked and cannot be accessed until you personally contact Cahoot by mail/phone.

However, I think they are wrong about that. Because the whole point of this particular scam is that I am being re-directed to the fake site ... so that fake site could allow you as many failed login attempts as the scammers need to collect ALL the character from your password.


OK, well as I say - I am truly very grateful for you guys trying to help me with this, and I do think this is potentially a very serious scam for 3 obvious reasons - because (1)it does appear to be impossible to avoid it, (2)it is such a good fake that the scam site looks literally 100% identical to the real Cahoot site, of course because (3)it’s an attempt to empty peoples bank accounts! ... and to be honest I think a huge number of people are likely to be fooled by this almost undetectable scam??

  IanS1 14:53 13 Mar 2011

Sorry ... but in the above where there isa link saying "Click Here", that text actually should say (without the spaces) -

" https :// securebank. cahoot. com/servlet/com.aquariussecurity. bks. security. authentication. servlet. LogonServletBKS "

  mgmcc 16:29 13 Mar 2011

I'd suggest you contact the Bank's tech support people and explain your experience to them. I cannot see how you can get to a 'rogue' site when accessing via the IP address.

  Ashrich 22:41 13 Mar 2011

If you know how to , check the TCP/IP settings in the properties of your wireless or ethernet connection ( whichever you use to access the internet ) , make sure that it is set to get an IP address automatically , the same with DNS addresses . It is possible to hijack a PC's internet access by re-routing everything through an rogue server first .

Ashley

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

OnePlus 7T Pro review

Kristina Bold is a font based on a stroke survivor's handwriting

The best games on Apple Arcade

Les meilleures séries Netflix (2019)