Bank buyouts trigger new phishing scams
Wednesday 8 October 2008 8:53 AM
Security experts are warning users to be on the lookout for a new round of spam attacks playing off of the recent banking crisis.The US Computer Emergency Response Team (US-CERT) is warning of new spam messages purporting to be from popular banks. Advertisement The warnings come after the recent economic crisis pushed several major banks into the hands of new owners. The rash of buyouts left some consumers puzzled as to who was now operating their banks, and phishers have apparently capitalized on that confusion. Phishers commonly use phony "account verification" attacks to lure in victims. The spam messages attempt to imitate a notice from the bank and will often threaten the user with penalties if they do not proceed to a phony " verification" page and enter bank details which are then harvested by the attacker and either sold off wholesale or used for fraud. As the confusion over the mergers continues, phishing attacks that portray themselves as being from a new owner of a user's bank could become more effective and more numerous. US-Cert is advising users to observe best practices for avoiding phishing, such as avoiding unsolicited emails and not entering account details into suspicious sites. Users concerned about their account status can also avoid phishing attacks by manually loading their bank's web site in the browser and entering the online banking service through the site's front page. Written by Shaun Nichols
Also See
|