New Phishing Tactic Dangles Millions As Bait -- Internet Scams

[ Show ]

Support VoyForums

[ Shrink ]

VoyForums Announcement: Programming and providing support for this service has been a labor of love since 1997. We are one of the few services online who values our users' privacy, and have never sold your information. We have even fought hard to defend your privacy in legal cases; however, we've done it with almost no financial support -- paying out of pocket to continue providing the service. Due to the issues imposed on us by advertisers, we also stopped hosting most ads on the forums many years ago. We hope you appreciate our efforts.

Show your support by donating any amount. (Note: We are still technically a for-profit company, so your contribution is not tax-deductible.) PayPal Acct: Feedback:

Donate to VoyForums (PayPal):

[ Login ] [ Contact Forum Admin ] [ Main index ] [ Post a new message ] [ Search | Check update time | Archives: 1, [2], 3, 4 ]

[ Next Thread | Previous Thread | Next Message | Previous Message ]

Date Posted: 22:48:47 02/19/05 Sat
Author: Busted
Subject: New Phishing Tactic Dangles Millions As Bait

New Phishing Tactic Dangles Millions As Bait

By Gregg Keizer, TechWeb News

Phishers twisted a long-standing scam tactic into their newest technique to fake consumers out of their bank account information -- and the money in those accounts -- a security firm said Friday.
The new scheme starts with an e-mail from a phony bank, claiming that a large amount of money has been placed into a new account opened in the recipient's name. A link to the bogus bank is included, along with an account number and a PIN.

The message goes on to say that the recipient can transfer the money by logging into this account -- which shows a large balance -- and then by providing information about a real bank account to finalize the transfer.

"In some ways, this is similar to the Nigerian 419 scam," said Dan Hubbard, the senior director of security at San Diego-based Websense. "It has some similar characteristics."

In the long-running Nigerian scam, also called the "advanced fee fraud," vast sums are promised in return for either up-front good faith cash or access to the victim's bank account to make the fund transfer.

"We've seen phishers use fake banks before," said Hubbard, "but this is the first time we've seen a scam that says money is waiting to be picked up."

In the example e-mail that Websense captured, the text begins, "We have been directed by the Mega Magic Foundation of France to notify you that the sum of One Million Euros has been deposited in our bank, DBS Bank, in your name, awaiting immediate transfer to your personal bank account."

The message concludes with the kicker: "Once logged in to your account, you can transfer via wire directly to your personal bank account by clicking on the 'click here to transfer' link."

The logo displayed in the message is fake, said Hubbard, but there is a holding company that goes by the name of DBS Bank. However, he didn't know whether the name used by the scam was simply a coincidence or planned. He suspected the former.

"More and more fraudulent-based sites are appearing that don't target a specific brand," said Hubbard in explaining why this tactic doesn't use a real-world institution, as do many other phishing attacks. "Since the bank is probably fake, the phishers don't have to worry about any countermeasures. Who would someone report this to? There's no brand directly affected."

Most phishing attacks aim at a specific bank, such as Citibank or Washington Mutual, and are first discovered when customers report the scam to their bank.

"This is another example of the continued creativity of these people," said Hubbard.

[ Next Thread | Previous Thread | Next Message | Previous Message ]

[ Contact Forum Admin ]

Forum timezone: GMT-8
VF Version: 3.00b, ConfDB:
Before posting please read our privacy policy.
VoyForums^(tm) is a Free Service from Voyager Info-Systems.
Copyright © 1998-2019 Voyager Info-Systems. All Rights Reserved.