• Business - Companies
  • Updated: May 13, 2023

Reasons Why Your Bank Account Is Not Safe

As the number of bank customers keeps increasing, those of fraudsters/ hackers on the hunt for people's account details are also on the rise.

Unfortunately, the more customers try to protect their information, with passwords, the more hackers dig deep and find means to hack bank accounts.

Most times, they succeed due to how vulnerable banks are as a result of the poor security system of financial institutions.

Below are five reasons why your bank account is not safe, according to a post penned by Sennaike David, an Information Security expert and bug bounty hacker.

1. About 70 per cent of banks run vulnerable versions of Cisco VPN and Forti IOS (Cisco VPN is a platform that lets you control everything from servers to containers, apps and infrastructure from a single platform).

These vulnerable versions allow you to read the session details of the VPN users and the content of VPN servers.

Many banks have their users connect from the outside into the bank using these VPNs to perform tasks.

2.  Some banks expose log files such as Elmah log file (Log files are a historical record of everything and anything that happens within a system, including events such as transactions, errors and intrusions).

Some financial institutions even provide access to a drive containing logs to hackers.

3. Over 30 banks run a vulnerable web-logic server that gives access to their servers.

The Web-logic Server versions are from to

These exploits to these servers are readily available and accessible, and easily exploitable.

4. About four banks in Nigeria run custom “Moneytor” servers that expose Jolokia interfaces (Moneytor is a software-as-a-service which provides aid for debt management to both the lender as well as the borrower) and a quick search for Jolokia exploits shows you can access these servers within a few minutes.

5. There are several usernames and passwords of bank servers that are being leaked to everyone.

For instance, search for 'leaks' on GitHub and see the number of valid passwords and usernames of bank servers and staff being leaked to everyone.

At least 99% of banks have a valid leaked password on GitHub, which makes it easy to get details of banks on GitHub.

When you type: “mybankwebsite.com," you will be amazed at the number of interesting passwords belonging to banks that would pop up.

Related Topics

Join our Telegram platform to get news update Join Now
Felicia Abisola  Olamiji
Felicia Abisola Olamiji

  A graduate of English Language from Olabisi Onabanjo University, passionate about learning new...

More From this Author


guaranty trust bank plc Financial Services

Guaranty Trust Bank plc was incorporated as a limited liability company licensed...

wema bank plc Financial Services

aiico insurance plc Financial Services

AIICO Insurance Plc (NSE Ticker: “AIICO”) is an insurance, pensions ...


0 Comment(s)


See this post in...