
Hong Kong CPA Website Hosts Phishing Redirection Page

First published: 08th October 2014

The Hong Kong Monetary Authority (HKMA) has issued a warning about a page on the website of a Hong Kong CPA that redirects to a fake login page for the National Australia Bank.

The page http://www.lamchuicpa.com.hk/uebimiau/tool/index.php is hosted on the website of Lam & Chui CPA Limited and redirects to http://78.243.160.13/uebimiau/nab/index.htm?bidderblocklogin&hc=1&hm=uk%601d72f%2Bj2b2vi%3C265bidderblocklogin&hc=1&hm=uk%601d72f%2Bj2b2vi%3C265bidderblocklogin&hc=1&hm=uk%601d72f%2Bj2b2vi%3C265 - a web hosting site in France.

The Police are investigating and anyone who has provided personal information to or has conducted financial transactions through the website should contact NAB at 2826 8111 and any local Police Station or the Commercial Crime Bureau of the Hong Kong Police Force at 2860 5012.

The CPA appears to have been let down by its webmail software. The Lam & Chui front page contains only minimal contact information, but the server also hosts the company webmail, which runs on Uebimiau, a little-known webmail reader. Public development of Uebimiau stopped in 2006, and it has 10 known vulnerabilities. Apparently, a vulnerability allowed an attacker to insert the redirection at /uebimiau/tool/index.php. The French site also appears to use the same webmail reader.
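A defender's check for this kind of compromise, as an added example that is not part of the original article: it flags files in a webroot that send visitors to a host the site does not own. The article does not say how the redirection was implemented, so the PHP, meta-refresh and JavaScript patterns and the sample file contents below are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Common ways a dropped page sends a visitor elsewhere. The article does not
# say which one was used, so all of them are checked (assumption).
REDIRECT_PATTERNS = [
    re.compile(r"""header\s*\(\s*['"]Location:\s*([^'"\s]+)""", re.I),   # PHP header()
    re.compile(r"""http-equiv\s*=\s*['"]?refresh['"]?[^>]*?url\s*=\s*['"]?([^'"\s>]+)""", re.I),  # meta refresh
    re.compile(r"""location(?:\.href)?\s*=\s*['"]([^'"]+)""", re.I),     # JS assignment
    re.compile(r"""location\.replace\s*\(\s*['"]([^'"]+)""", re.I),      # JS replace()
]

def offsite_redirects(source, own_hosts):
    """Return redirect targets in `source` whose host is not in `own_hosts`."""
    hits = []
    for pattern in REDIRECT_PATTERNS:
        for target in pattern.findall(source):
            host = (urlparse(target).hostname or "").lower()
            # Relative targets have no host and therefore stay on the site.
            if host and host not in own_hosts and target not in hits:
                hits.append(target)
    return hits

def scan(files, own_hosts):
    """Map path -> off-site targets for every file that has at least one."""
    own = {h.lower() for h in own_hosts}
    report = {}
    for path, source in files.items():
        found = offsite_redirects(source, own)
        if found:
            report[path] = found
    return report

# Constructed sample file contents. Only the first path and the destination
# host come from the article; the query string is omitted.
SAMPLE_FILES = {
    "uebimiau/tool/index.php":
        '<?php header("Location: http://78.243.160.13/uebimiau/nab/index.htm"); exit; ?>',
    "uebimiau/index.php":
        '<?php header("Location: /uebimiau/login.php"); ?>',
    "index.html":
        '<meta http-equiv="refresh" content="0; url=http://www.lamchuicpa.com.hk/contact.html">',
}

if __name__ == "__main__":
    for path, targets in scan(SAMPLE_FILES, ["www.lamchuicpa.com.hk"]).items():
        print(path, "->", ", ".join(targets))
```

Run against a real webroot by reading each file into the `files` mapping; same-site and relative redirects are ignored, so only pages that hand visitors to another host are reported.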


Gallery

Fake NAB Internet Banking Login Page
