Online Banking Security Alert

In accordance with PayPal’s User Agreement and Privacy Policy, and to ensure that your account has not been compromised yet, access to your account was limited.

Now we’d like to know what you think!

Dear Alliance and Leicester UK member!

Dear Alliance and Leicester Bank Plc user!

Congratulations!

Websense® Security Labs™ has discovered that the United Nations’ HIV/AIDS portal for Asia Pacific was compromised with a malicious script that attempts to exploit multiple vulnerabilities. When the Web site is visited, a malicious JavaScript file (e.js) is executed and creates two additional iframes in the page. Site visitors infected with this malicious code will have a Trojan downloaded and backdoor installed on their desktops.

We believe that these are the same perpetrators behind two similar compromises, one of a prominent bank in India and the other of a large industry organization Web site. Websense Security Labs discovered and reported on both of these incidents earlier.

Websense users with Websense Web Security Suite are protected from connecting to the sites hosting the malicious payload.

Screenshot of the UN Web site with its HTML source:

The growth of the internet has offered greater flexibility for us all, but it also brings new risks that must be guarded against.

Congratulations!

Dear Alliance and Leicester Bank Plc user!