Phishing site found running on Sony server

Latest security embarrassment

TODO alt text

A credit card phishing site has been found running on one of Sony's servers, adding to the company's already extensive security based headache.

Users are encouraged to apply for a credit card on the fake site, which lives at hdworld.sony.co.th; although the site doesn't mention Sony at all, the URL may encourage confidence in unwitting consumers.

The company is still reeling from its last security breach, with the PlayStation store not even back online yet and the PlayStation Network having enjoyed over three weeks of downtime over the last month after hackers broke in and compromised users' credit card and personal details.

One thing after another

We're sure Sony will be scrambling to remove the dodgy site as we speak as F-Secure, which discovered the phishing site, alerted the tech giant to its existence.

This latest revelation comes after the company was forced to take the PSN password reset site down because it required users' email addresses and dates of birth to verify their IDs; information that had already been compromised by the hackers.

It looks to us like Sony needs to take a long hard look at all its security processes before another breach tips consumers away from the company altogether.

From F-Secure via Slashgear