According to a report by cnbeta, although the Industrial and Commercial Bank of China (ICBC) has blocked the vulnerability of hotspot, is there still any漏洞? Yes, it still exists. Although the ICBC page does not appear anymore, since the official ICBC page is used, one can just construct a page to disguise as the ICBC page, and that page can still be used for phishing. Since this involves the security of bank users, I will no longer disclose specific implementation methods, but only publish examples of vulnerable pages for everyone to test.