NatWest overhauls Net security after online confrontation
Banking firm NatWest has confirmed it is in the process of overhauling its website after discussions with a specialist who found a vulnerability’s safety.
According to the BBC, a researcher pointed out that the simple fact that lots of banks use HTTPS connections but fail to implement this protection.
The safety expert, Troy Hunt, called NatWest among the banks that “needed repairing”. He pointed out that the flaw to the bank on Twitter, plus it responded saying “Sorry you are feeling like this”.
The bank has since told the BBC it has been in touch with safety experts and that it’ll make the changes that were suggested within 48 hours.
Hunt detailed the flaw within a blog article, composing: “NatWest admits that HTTPS is crucial because they have it in their own login page and (presumably), all their bank pages.
“They’re using HTTPS due to the aforementioned dangers involving somebody getting in the center of the connection along with messing with traffic.
“If somebody is messing with traffic then they could modify non-secure requests”
The safety expert said that cyber crooks can hijack the online banking agency “nwolb.com” and direct visitors to sites with similar domain names, such as “nuuolb.com”.
Since the site article has circulated the internet the bank has got the “nuuolb” domainname, which has angered Hunt. He said the bank has failed to see the purpose.
He said: “”We’re visiting ‘Not secure’ next to the address bar. I would opine that ‘Not secure’ isn’t what you want to see on your financial institution.”
Speaking to the BBC, NatWest owner RBS stated: “We consider the safety of our services extremely seriously.
“While we do not currently enforce HTTPS on some of our sites, we are working towards upgrading this in the subsequent 48 hours”
First Direct is but it too is currently looking at changes. It told the BBC: “This operation is something we are currently reviewing”