Stan Beer
Sunday, 09 April 2006 15:36
A new type of phishing scam targeting Chase Bank customers has been detected which redirects recipients to a 1800 telephone number rather than a fraudulent web site.
Recipients of phishing emails have become accustomed to seeing fraudulent
URLs with particular traits, and internet security specialist
SurfControl, which detected the scam, said it is likely that phishers
seeking Chase Bank customers' information developed the technique to
increase the success rate of the scam. This phish uses scare tactics
and a technique distinct from the typical phishing scams that target
financial institutions. SurfControl is warning customers that this new
attack could open the door to employees providing credit card and other
personal data to the scammers.
SurfControl first discovered the phish in Australia.
“SurfControl's Global Threat Experts are tracking the new phishing
technique to identify any emerging variations, which could potentially
target customers of Australian banks,” said Ursula Radford, SurfControl
marketing manager for Australia and New Zealand.
How the phish works:
The phish uses a toll free number which would have been registered,
possibly using fake names or contact information. The toll free number
in the phish resembles the typical toll free phone numbers used by the
legitimate Chase Bank. When users dial the toll free number, they are
greeted by a recorded message apparently from Chase Bank. SurfControl
submitted fake information to the phisher to examine the method
employed by the scammers. A transcript of this recorded message is
below:
Phisher: Welcome to Chase Bank account verification. Please type your 16 digits card number.
user: [types invalid 16 digit credit card number]
Phisher: Please type your 16 digits card number.
user: [types valid 16 digit credit card number]
Phisher: Please type expiration date, month first year later.
user: [types 4 digit date]
Phisher: Please type the last 4 digits of the primary card holder’s social security.
user: [types 4 digits]
Phisher: Wait please till processing. Thank you. Your account has been verified.
[Message terminates]
As a rule, banks never contact customers by email asking for personal information.
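Because this phish carries a phone number instead of a link, a filter that only inspects URLs has nothing to score. The following mail-filter heuristic is an added example, not SurfControl's method: it flags a message that names the bank and asks for verification while giving a toll free number the bank does not publish. The allowlist, keyword list, function names and sample messages are constructed for illustration.

```python
import re

# Constructed allowlist: numbers the bank itself publishes (placeholder value).
PUBLISHED_NUMBERS = {"18005550100"}
TOLL_FREE_PREFIXES = ("800", "888", "877", "866", "855", "844", "833")

# Matches 1-800-555-0199, 1800 555 0199, (800) 555.0199; never part of a longer digit run.
PHONE_RE = re.compile(
    r"(?<!\d)(?:\+?1[\s.\-]*)?\(?(\d{3})\)?[\s.\-]*(\d{3})[\s.\-]*(\d{4})(?!\d)")
URL_RE = re.compile(r"https?://|www\.", re.I)
# Assumed lure vocabulary; tune it to the mail the organisation actually sees.
LURE_RE = re.compile(r"\b(verif\w*|suspend\w*|confirm\w*|card number)\b", re.I)


def toll_free_numbers(text):
    """Return the toll free numbers in text, normalised to 11 digits."""
    found = set()
    for area, exchange, line in PHONE_RE.findall(text):
        if area in TOLL_FREE_PREFIXES:
            found.add("1" + area + exchange + line)
    return found


def assess(body, brand="Chase"):
    """Score one message body; flag it when two or more signals agree."""
    unknown = toll_free_numbers(body) - PUBLISHED_NUMBERS
    reasons = []
    if unknown and brand.lower() in body.lower():
        reasons.append("brand named with an unpublished toll free number")
    if unknown and LURE_RE.search(body):
        reasons.append("verification lure directs the reader to a phone call")
    if unknown and not URL_RE.search(body):
        reasons.append("no URL present, so URL reputation checks see nothing")
    return {"unknown_numbers": sorted(unknown),
            "reasons": reasons,
            "flag": len(reasons) >= 2}


# Constructed sample messages.
PHISH = ("Dear Chase Bank customer, your account has been suspended. "
         "To verify your card, call 1-800-555-0199 immediately.")
LEGIT = ("Chase customer service is available at 1-800-555-0100 "
         "or https://www.example.com/help.")

if __name__ == "__main__":
    for name, body in (("phish", PHISH), ("legit", LEGIT)):
        print(name, assess(body))
```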