Bank Website Redirect – Fix After Format

TL;DR

Your bank website keeps redirecting you to a fake site even after reformatting your hard drive? This usually means the problem isn’t on your computer, but in your browser settings or potentially with your router. Here’s how to fix it.

Step-by-step Guide

1. Check Your Browser Extensions: Malicious extensions can cause redirects.
   • Chrome: Type chrome://extensions in the address bar and press Enter.
   • Firefox: Type about:addons in the address bar and press Enter.
   • Disable any extensions you don’t recognise or trust, one at a time, and see if the problem goes away. Pay close attention to recently installed ones.
2. Clear Browser Cache and Cookies: Old data can sometimes cause issues.
   • Chrome: Press Ctrl+Shift+Delete (Cmd+Shift+Delete on Mac). Select ‘All time’ for the time range, check ‘Cookies and other site data’ and ‘Cached images and files’, then click ‘Clear data’.
   • Firefox: Press Ctrl+Shift+Delete (Cmd+Shift+Delete on Mac). Select ‘Everything’ for the time range, check ‘Cookies’ and ‘Cache’, then click ‘Clear Now’.
3. Reset Your Browser Settings: This will restore your browser to its default state.
   • Chrome: Type chrome://settings/reset in the address bar and press Enter. Click ‘Restore settings to their original defaults’.
   • Firefox: Type about:support in the address bar and press Enter. Click ‘Refresh Firefox…’.
4. Check Your Hosts File: A modified hosts file can redirect you to incorrect websites.
   • Windows: Open Notepad as an administrator (right-click, ‘Run as administrator’). Open the file C:WindowsSystem32driversetchosts. Look for any lines that contain your bank’s website address and remove them if they don’t look legitimate.
   • macOS/Linux: Open Terminal. Type sudo nano /etc/hosts and press Enter (you will need to enter your password). Look for any lines containing your bank’s website address and delete them if suspicious. Press Ctrl+X, then Y, then Enter to save the changes.
5. Flush Your DNS Cache: This clears old DNS information.
   • Windows: Open Command Prompt as an administrator (right-click, ‘Run as administrator’). Type ipconfig /flushdns and press Enter.
   • macOS: Open Terminal. Type sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder and press Enter (you will need to enter your password).
   • Linux: The command varies depending on your distribution. Try sudo systemd-resolve --flush-caches or sudo /etc/init.d/networking restart.
6. Check Your Router Settings: Some malware can modify router settings to redirect traffic.
   • Log in to your router’s admin interface (usually by typing its IP address into a web browser – check the bottom of your router for details).
   • Look for DNS settings. Make sure they are set to automatic or use reputable public DNS servers like Google Public DNS (8.8.8.8 and 8.8.4.4) or Cloudflare DNS (1.1.1.1 and 1.0.0.1).
   • Check for any port forwarding rules that you didn’t create.
7. Contact Your Bank: If none of the above steps work, contact your bank immediately. They may be aware of a phishing attack targeting their customers and can provide further assistance.