I thought that securesuite.co.uk was a phishing attempt, but it seems be a legitimate outsourced provider of the so-called “3D secure protocols” known as Verified by Visa and MasterCard Securecode for card issuers. So far I have identified AIB (IE), and Royal Bank of Scotland (UK), and MBNA (IE) as users.
However I must be frank and say securesuite.co.uk has all the hallmarks of a phishing scam, I’ll make the phishing keywords bold in case you wish to skim over this section. Lets say you are presented with the screen, you are asked for your password when first presented with the popup which is a window with no address bar, not knowing your password – because this is your first time using the added layer of security – you’ll click forgot password, or register, you are then asked for your credit limit, CV2. To be sure you view the page info of the popup and see its securesite.co.uk, and not mybank.com, not even mycreditcardbrand.com, so you visit http://www.securesuite.co.uk, but there is no response, and at https://www.securesuite.co.uk there is a blank page. You perform a WHOIS query and see
Checking server [whois.nic.uk]
8 west 38th street
Register.com Inc [Tag = REGISTER-DOT-COM]
Registered on: 09-Jun-2002
Renewal date: 09-Jun-2008
Last updated: 09-Apr-2006
Registered until renewal date.
Who are “cyota”? this looks like a scam. You call your bank but the functionaries on the line have never heard of securesite.co.uk, they know about Verified by Visa, and MasterCard securecode, but don’t know how they work. So you visit mybank.com, or in my case aib.ie, but of course their site is down again displaying an error message, you visit mastercard.com or visa.com, but naturally they can’t have something as simple as a list of authorised providers of the system.
Well I took the risk, in the interests of journalism, and buying a new harddrive from komplett.ie!
Banks should really learn to put everything on their own single domain, eg bankofexample.com. Yet I see that Bank of Ireland still use boimail.com for their email, and bankofireland.ie for their website.
*securesuite.co.uk is not to be confused with securesite.co.uk which is a shared SSL site operated by a company called Redstation, and looks quite nice, indeed in the Ambrand Dot Com office we enjoy listening to the most excellent and truly fresh beats user that one user has uploaded to his space on securesite.co.uk.