tag:blogger.com,1999:blog-35328002.post8638163704090775124..comments2023-08-26T19:20:20.579+05:30Comments on ET: The Extra Textual: HDFC's Insecure Ways and More...LVShttp://www.blogger.com/profile/13647590516224080610noreply@blogger.comBlogger12125tag:blogger.com,1999:blog-35328002.post-14168628305044267592011-05-05T00:41:09.198+05:302011-05-05T00:41:09.198+05:30I've to confess that i typically get bored to ...I've to confess that i typically get bored to learn the entire thing but i feel you'll be able to add some value. Bravo !Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-35328002.post-15310038776674319222010-02-26T15:05:36.663+05:302010-02-26T15:05:36.663+05:30@seetha
it finally seems to have been addressed. n...@seetha<br />it finally seems to have been addressed. now!<br /><br />@abhishek<br />good post there. very detailed. and welcome to blogging :)LVShttps://www.blogger.com/profile/13647590516224080610noreply@blogger.comtag:blogger.com,1999:blog-35328002.post-25562544114074133102010-02-26T14:51:22.987+05:302010-02-26T14:51:22.987+05:30Hi,
I had stumbled across the same issue. After ...Hi,<br /> I had stumbled across the same issue. After several email exchanges with HDFC, they claimed that they knew about this issue. A google search lead me to your blog. <br /> Meanwhile, I have created a small write up on <a href="http://bit.ly/8ZnBKk" rel="nofollow">this</a>.<br /> HDFC has fixed this issue now. They have removed the vulnerable page from the server.Abhisek Sanyalhttps://www.blogger.com/profile/03484181296246017591noreply@blogger.comtag:blogger.com,1999:blog-35328002.post-7281399954411709472010-01-06T14:37:57.970+05:302010-01-06T14:37:57.970+05:30@LVS, Gr8 job!
The last comment of urs (@World) -...@LVS, Gr8 job!<br /><br />The last comment of urs (@World) - too much of an hype though :PSeetharamanhttps://www.blogger.com/profile/07501291665862537086noreply@blogger.comtag:blogger.com,1999:blog-35328002.post-89119387334006813062010-01-05T15:13:25.644+05:302010-01-05T15:13:25.644+05:30@barath and @kunal
thanks for the little chat. you...@barath and @kunal<br />thanks for the little chat. your comments talk for yourself :P<br /><br />@tdsmapper i know!<br /><br />@world<br />i just went to the bank to lodge this as a complaint - had to show this blog to the guy to make him believe! :) Thanks HDFC, hope you will fix it soon!LVShttps://www.blogger.com/profile/13647590516224080610noreply@blogger.comtag:blogger.com,1999:blog-35328002.post-1611751727658274252010-01-05T11:15:04.459+05:302010-01-05T11:15:04.459+05:30WTF man! Are they kidding? This seems to be a gapi...WTF man! Are they kidding? This seems to be a gaping hole!TD5M4PP3Rhttps://www.blogger.com/profile/15507448595711913645noreply@blogger.comtag:blogger.com,1999:blog-35328002.post-79302263690717758802010-01-05T09:45:46.896+05:302010-01-05T09:45:46.896+05:30Barath: Now i realise what you are talking about! ...Barath: Now i realise what you are talking about! This seriously is an issue.. I'm reporting the same to HDFC too :)<br /><br />Kunal JanuKunal Januhttp://kunaljanu.wordpress.com/noreply@blogger.comtag:blogger.com,1999:blog-35328002.post-79552064189641246952010-01-04T19:58:11.930+05:302010-01-04T19:58:11.930+05:30@Kunal
1) I totally accept with you regarding the ...@Kunal<br />1) I totally accept with you regarding the phishers/hackers<br /><br />2) But with the link provided, I can book a RD for you. Believe me!... This is really a big issue.<br /><br />You can try, just subtract 2 number from your cust ID and try to submit a RD, it will successfully gets submitted. Wow!.. You opened a RD account for some unknown.<br /><br />Hope you can understand my 2nd barathhttps://www.blogger.com/profile/13141423738284643903noreply@blogger.comtag:blogger.com,1999:blog-35328002.post-38568166543170761992010-01-04T14:30:31.749+05:302010-01-04T14:30:31.749+05:30And we are of a habit to follow the link without a...And we are of a habit to follow the link without actually looking if everything is genuine which is what barath did! The header reads "Recurring Deposit Booking!" :) All phishers/hackers/conner actually rely on Human psychology to pull off the scam!<br /><br />Kunal Janu <br />PS: Blogger does not give me an option of "Email follow up comments" on an Name/URL comment posting! Kunal Januhttp://kunaljanu.wordpress.com/noreply@blogger.comtag:blogger.com,1999:blog-35328002.post-42185411358158685022010-01-04T14:27:01.619+05:302010-01-04T14:27:01.619+05:30Okay, so the phisher has your Account number.. not...Okay, so the phisher has your Account number.. not much he can do with that except for go to the bank and get your balance.. Both Cust ID and Account Number are used for verification by the bank! So a person with just the customer ID and the account number can't possibly do anything! Unless he has the password of course :P<br /><br />The image is just another security tag and that is all! No Kunal Januhttp://kunaljanu.wordpress.com/noreply@blogger.comtag:blogger.com,1999:blog-35328002.post-25652770224556573812010-01-04T13:14:34.662+05:302010-01-04T13:14:34.662+05:30Good alert! Keep it up!Good alert! Keep it up!Kannanhttps://www.blogger.com/profile/04851290950976554113noreply@blogger.comtag:blogger.com,1999:blog-35328002.post-89525325563617243262010-01-03T14:00:05.104+05:302010-01-03T14:00:05.104+05:30Caution:
I submitted the RD request(using the URL ...Caution:<br />I submitted the RD request(using the URL specified by LVS), Oops!.. It submitted successfully with "Your RD account will be activated within 5 days....". Hope HDFC will conform once again(through netbanking or phone) before opening RD account.<br /><br />@LVS<br />You should specify your Cust ID instead of XYZ, just for testing! :)barathhttps://www.blogger.com/profile/13141423738284643903noreply@blogger.com