Login Form

 
Phising or Spoof Emails PDF Print E-mail
Written by Bernie Vincent   
Thursday, 12 October 2006

Phishing is a term used to describe the use of 'spoofed' e-mails and fraudulent websites designed to fool you into divulging personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc.
 
It is claimed by industry experts that by hijacking the trusted brands of well-known banks, online retailers and credit card companies, phishers are able to convince up to 5% of recipients to respond to them.
 
Here are a couple of recent examples of such a scam, which perports to come from Citibank and Halifax:
 
CITIBANK
 
Dear Customer, Your Details Have Been Corrupted
 
Recently there have been a large number of cyber attacks pointing our database servers. In order to safeguard your account, we require you to sign on immediately.
 
This personal check is requested of you as a precautionary measure and to ensure yourselves that everything is normal with your balance and personal information.
 
This process is mandatory, and if you did not sign on within the nearest time your account may be subject to temporary suspension.
 
Please make sure you have your Citibank(R) debit card number and your User ID and Password at hand, etc...
 
HALIFAX
 
Dear client of Halifax Internet banking
 
Technical services of the bank are carrying out a planned software upgrade for the maximum convenience of users of online-services of the Halifax Bank. We earnestly ask you to visit the following link and confirm your bank data etc...
 
The link starts https: (indicating a secure server connection) and then has halifax.co.uk/plus other text.
 
There is a way to check whether the reply address is as it appears. Place the cursor over the message – not the link – and click the right mouse button. Select View Source and you will see the technical code of the message. Whilst this looks a daunting you will see that instead of the visible address, such as http://www.halifax.co.uk there will be a series of numbers nnn.nnn.nn.nn that represents the "internet address" of the website behind the scam.
 
The wording of these messages is often plausible, given that banking errors do occur, and people do get fooled. But Citibank, Halifax, or any other bank, would never issue such emails.
 
There is an excellent list of do's and don'ts on this page:
 
http://www.antiphishing.org/consumer_recs.htm
 
See this description of Vishing - a form of Phising using telephone diallers.

http://en.wikipedia.org/wiki/Vishing

 

 

Last Updated ( Monday, 05 March 2007 )
 
Next >