how to fix if a site is always redirected to another phishing site?

0

I am running Windows XP SP3. Before I used to do online banking using this computer without problem. But recently, when I will visit my bank to do online banking, https://www.mybdo.com.ph , it gives me this warning :

The site's security certificate is not trusted! You attempted to reach online.bdo.com.ph, but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Chrome cannot rely on for identity information, or an attacker may be trying to intercept your communications. You should not proceed, especially if you have never seen this warning before for this site. (proceed anyway) (back to safety)

Note that this will appear whatever browser I am using (chrome, IE, firefox). If I click on proceed anyway, it will direct to this address :

https:// online.bdo.com.ph/sso-gateway/signon/sso/sso/sso/sso/sso/sso/sso/sso/sso/sso/sso/sso/sso/sso/sso/sso/sso/sso/sso/sso/sso/sso/sso/sso/sso/index.html

and it keeps on generating sso nonstop unless i click stop on it. If I go to the main page of the bank which is http://www.bdo.com.ph and then I click on the upper right side of the page "online banking login" , and then "bdo online banking" , it will redirect to this site :

http:// online.bdo.com.ph/sso/logina26b.html?josso_back_to=http:// online.bdo.com.ph/sso/josso_security_check%26josso_partnerapp_host=online.bdo.com.ph%26josso_partnerapp_ctx=/sso

this page contains somewhat like a phishing site like the login page I used to login before, except that it is asking for 16 digit - ATM/Card no and ATM/Card PIN , aside from the username and password. Whatever username password you input, you will be successfully login so for sure this is a phishing page.

My problem is how can I fix this problem? If I boot windows xp in safe mode with network, the banking site is working fine. But when I boot normal again, the problem is back. I run antivirus on my computer and it found nothing. Hopefully someone can help me as I am stuck with this problem for a few days now.

user3239332

Posted 2014-01-30T19:40:30.427

Reputation: 11

The simplest way would be to remove the malware infection. The simplest way to do that would be to reinstall Windows since security software isn't detecting the infection. – Ramhound – 2014-01-30T19:50:54.540

XP simply isn't safe any more. upgrade via a clean install of win7/8 or use a linux distro if cost is a big concern. – Frank Thomas – 2014-01-30T20:10:33.037

yes, thanks, I will upgrade to windows 7 soon. What I found out is even if I use my other computer, at first the site is working and then after a few successful loading, the browser says that it is not a trusted site. This is also true when I experiment using my laptop. Maybe the problem is with the site itself? The site is https://www.mybdo.com.ph , sometimes it shows a page asking for 16 digits atm pin aside from the username and password which it shouldn't be asking. Maybe someone hack into their site and add phishing codes so that they can get the passwords/pin/card no of the users?

– user3239332 – 2014-01-30T22:13:40.203

Right now, I can visit the site without problems. I did not do anything. Maybe something wrong with the site itself. – user3239332 – 2014-01-31T01:19:54.490

Answers

2

I can resolve that website just fine, so it's possible you have a malware infection.

If you're being redirected to a suspicious site instead of your bank's, the best thing to do is follow the standard steps to deal with any and all computer virus:

  1. Wipe the hard drive
  2. Reinstall your operating system

There really is no practical and guaranteed solution to remove malware besides those two steps.

Another thing I notice is that you tagged this question Windows-XP. If you're still using Windows XP, you are much overdue to upgrade to a secure operating system. Microsoft is discontinuing security support for XP on April 8th, 2014. Continuing to use it beyond that date would be extremely unwise.

Read "How do I get rid of malicious spyware, malware, viruses or rootkits from my PC?" for details.

More information about Microsoft's End of Life for Windows XP.

Moses

Posted 2014-01-30T19:40:30.427

Reputation: 10 813

Is it possible that the problem is with the site itself? Because I use another desktop PC running win7, at first it was working, and then after a few successful loading, it was receiving warning that it is not a trusted site. Lastly, I use my laptop which I believe is very clean (also running win7), it visits the site without problem at first but after a few hours, it is receiving the same warning of SSL error. The site is https://www.mybdo.com.ph , you guys can try it. Maybe my theory that the problem is with the site itself. I am not having problems with other sites aside from this.

– user3239332 – 2014-01-30T22:09:25.187

Just for additional information, when I am using web proxy sites such as www.hidemyass.com to visit the site, it is working properly using the same PC that has problem. – user3239332 – 2014-01-30T22:29:42.403

0

Ideally, you would format the hard drive, reinstall Windows, reinstall your programs, and restore your data from a backup.

Given that this is not always practicable, please see How to remove Any Browser Redirect virus (Removal Guide). You may want to uninstall all the software that following those instructions leads to being installed afterwards.

Andrew Morton

Posted 2014-01-30T19:40:30.427

Reputation: 2 366

Asked: 2014-01-30T19:40:30.427

Viewed: 1 947 times

Active: 2015-03-17T09:47:31.743