Thursday, November 14, 2013

Why Checking The Address Bar Is Important

If a person goes to a bank and logs in, they expect to be in the bank at all times unless they’re warned that they’re leaving the bank and going to a third party.  

In this day and age, people are taught to surf safely.  This means you check the address bar to make sure that if you expect to be in a particular site, that you’re actually where you think you should be.  Nobody wants any funny business going on with redirects and such.  

So today I went to order some cheques.  Having logged into my bank, I noticed this unexpected domain and certificate switch from the bank to a third party printer's website.  

(Click image for full size)

I get that the third party printer is used to print the cheques, but there was absolutely no communication from the bank that you’re actually leaving their site.  If you think you've logged into the bank, the expectation is that you're in the bank's website, not someone else's.

Naturally, my initial response for the first few seconds until I remembered who “DH” is (Davis and Henderson), was what am I doing at someone else’s site? Is this a redirect to a scam site?

It’s not a scam, but the bank wasn’t being very clear either.