Pook
0
Try the following:
- Go to the Broadband Dashboard at http://supportcentre.talktalk.net/
- Login as normal with your Master Account username and password (i.e. 02079813040@talktalk.net for your landline number)
- Look at the status bar at the bottom of you Browser whilst hovering over 'Connection' or 'E-Mail' or 'Webspace' links!
http://supportcentre.talktalk.net/cgi-bin/login.cgi ?hostname=02079813040 &password=O0F2T0C7O9 &action=username &tab=1
This is very serious because it means that every time you access the Support Centre it will be transmitting, in an unencrypted form, all the information necessary to hack your account. With minimal effort this can be retrieved at any point between you and the Support Centre cluster, in fact, it will be sitting there in the server log files and may even be passed to a third parties for usage reports. You are particularly vulnerable to other users on your network, proxy servers, or through access to your computer and the Browser History Cache (search for http://supportcentre.talktalk.net/cgi-bin/account.cgi). More crucially, access to the Support Centre through any computer infected with SpyWare will instantly compromise your account.
Don’t even think about using HTTPS (encryption), first of all, they do not have a valid certificate installed, and secondly, it redirects to a ‘Test’ environment – look at the Title Bar.























