Skip to content. | Skip to navigation

‘First $1m phishing fraud’ hits inboxes

Added:
Jul 24, 2008

A new attack on online banking customers looks set to become the world’s first million-dollar phishing fraud, according to Internet intelligence specialists Envisional.

The criminals behind this assault have come up with a new way to con bank customers into revealing passwords and log-in details – through colourful emails offering the chance to win $100,000 or an all-inclusive Las Vegas holiday package and claiming to be from Visa, Mastercard and American Express.

 

Most “phishing” attacks come in the form of spam emails addressed to customers of a particular bank and catch a few dozen people. The new approach threatens to trap many more customers, because it uses a single email to target online account holders with any one of 12 major banks, and persuades the victim to help the process along by selecting the right bank from a drop-down list.

 

This latest scam, detected by analysts at Internet intelligence and risk management company Envisional, begins with an email that looks like an online travel website, with photos and write-ups depicting grand Las Vegas hotels.

 

It offers a $100,000 personal credit card or the chance to win ten days in a top hotel, plus up to $30,000 spending money, to those who join a new “Casino Rewards” programme, supposedly run by Visa, MasterCard and Amex and sponsored by 12 large US and international banks.

 

People who click through to the website that offers further information are invited to pick their bank from a drop-down list, effectively identifying themselves as phishing victims. A further click takes them to a faked web page that mimics the log-in page of the bank in question. Username in one slot, password in the other, and the account is ripe for emptying.

 

“Despite all the previous warnings to consumers, a phishing attack on a single bank’s customers often leads to losses of up to $100,000,” says Envisional’s David Franklin. “But this attack is unusual, fairly subtle and targeted at 12 banks at once.

 

”Many more people will be taken in by this two-stage approach, in which the victim is initially reassured by the familiar credit card logos and then goes on to choose for himself from the list of banks.

 

“With more banks in the frame and more account holders being tricked, we can expect to see many hundreds of victims, mostly in the US, but also among UK and European customers of banks like Capital One, Citibank, MBNA and Wells Fargo. Total losses could easily be over $1 million.”

 

Source: www.envisional.com

 

Document Actions
Newsletter

E-mail address:

Newsletters:





Subscription:


 
July Events
12345
6789101112
13141516171819
20212223242526
2728293031
Upcoming Events
Directors Dinner – Sustainable Development with Rio Tinto Jul 16, 2009
NETIMPERATIVE NIGHTS: Is Mobile Marketing starting to live up to hype? Jul 22, 2009
All upcoming events…
Analysis
Guest comment: Why you need a lead generation strategy
Lead generation is often considered only as part of a general online marketing strategy. Justin Rees, Head of Marketing at LeadPoint, explains why the discipline needs more attention than that...
Apr 30, 2009
Right to reply: MPs should embark on social networking with their eyes wide open
While some politicians have made the leap into social media, many remain hesitant. Rob Marcus, Director of Chat Moderators, argues that it’s high time MPs embraced new communications platforms.
Apr 20, 2009
Blog: Starting up your online community
With everyone jumping on the social media bandwagon, how can you start an online community that stands out in the crowd? eModeration offers some tips.
Apr 17, 2009
Guest comment: Top 5 tips for harnessing Twitter for brands
How can brands get the most out of Twitter? Tom Griffiths, Business Development Manager at CheezeDMG offers some tips to generate conversions through conversations.
Apr 16, 2009
Blog: The Pitfalls of Community Management
How can you get the most out of online communities? eModeration details the most common pitfalls that brands across all sectors should avoid when they create and run an online community; and gives advice on how to overcome them.
Apr 02, 2009
All subject items…