The official BT Group website (http://www.btplc.com) is today being flagged up by a number of Internet security checks and Anti-Virus firms due to an alleged infection of Phishing Malware (malicious software), which is normally used to help hackers steal personal information.
The problem came to light this morning when we attempted to load the btplc.com website on several computers protected by ESET NOD32 Anti-Virus software, which instead returned an Alert! page warning of a “Potential phishing threat“. Digging deeper we were able to confirm that the website had very recently been added to the vendors Anti-Phishing Blacklist.
A few quick checks around the Internet reveal that some but not all other anti-virus vendors had either made a similar block or noted a related event on the btplc.com website. For example, AVG’s free anti-virus software hasn’t detected anything but others like ESET’s NOD32 and Sucuri Inc. had. It’s not unknown for Anti-Virus firms to be overzealous when it comes to computer security software, but that’s not always a bad thing because it helps to keep you safe.
Infected Pages (may not be a complete list)
All websites can be hit by this sort of thing and it’s likely that BT has already spotted and dealt with it, although if history is anything to go by then anti-virus vendors often don’t remove related warnings immediately and in some cases they can continue for several weeks even after the threat has been wiped.
Incidentally the http://www.bt-ngb.com website has also been offline for several days now, although this is not believed to be related and is just an unusual occurrence.
After an investigation BT has confirmed that the blocks, which have now been removed, were triggered by a false positive and ESET has updated their database accordingly. However one or two online security tests and web scanners probably won’t remove the issue from their lists until tomorrow or later. But the good news is that BT’s website is safe.