Monday, June 06, 2005
A couple of months ago this Blog addressed the deceptive computer practice known as phishing. You may recall that phishing is a form of Internet fraud. Typically hackers or phishers send out large volume emails intending to trick people into sharing personal information such as passwords or user names. These are later sold or used to steal from the innocent victim. Security researchers are reporting that a new type of phishing attack has recently become popular. Phishers are using stolen consumer data to rip off individual account holders at specific banks. According to the Anti-Phishing Work Group (APWG) there has been a large increase in the number of smaller institutions such as credit unions being target by phishers. This trend has evolved into attacks on individuals and their accounts. The phishing emails arrive at bank customer’s in-boxes with partial information, which is accurate. These criminals conducting “personal” phishing attacks have purchased stolen consumer data and are using it to get information that’s even more sensitive. The messages appear as if they originated at the victims bank and ask for information to verify other account information. Of course, an ATM PIN or credit card security code is a main goal. The “server security” company Cyota is advising consumers to avoid giving financial information online unless they have verified the legitimacy of the request.
Posted by Tony Accardi at 6/06/2005 12:13:00 PM