Thousands visit ATO phishing site

Stephen Withers
Friday, 19 June 2009 11:55

Business IT - Technology

Thousands of Australians have visited just one of the phishing sites currently trying to collect people's banking and other personal details on the false promise of a tax refund.

iTWire recently reported on an ATO phishing scam doing the rounds that tries to trick people into disclosing their banking or credit card information in enough detail to allow fraudulent transactions.

It turns out that nearly 8000 people visited the web site associated with just one variant of this scam.

The phishing attack that iTWire described delivered an HTML form as an email attachment. If the recipient completed the form and clicked the Print button, the entered data was covertly transmitted to a web server.

A variation on this theme uses the more conventional approach of linking to a form hosted on a web server.

According to Trend Micro, one such site was not adequately secured, allowing its security guru Adam Biviano to extract visitor statistics.

There had been 7870 visits up to July 18, with a total of over 98,000 page loads.

"It is important to note that the URL to this scam site has been forwarded and shared around online, in a kind of 'Wow, look how convincing this scam is' sense, and this will have contributed to the high hit rate this month," said a Trend Micro spokesperson.

"This is never a good idea and Adam urges Australians not to do this. It is not uncommon for sites such as this to serve a dual purpose and aside from phishing for information, they are often designed to attempt to invisibly infect visitors with data-stealing malware," he added.

The good news is that "in this instance that does not appear to have been the case."

Over 5600 visits and over 80,000 page views occurred on this one site during the first 18 days of June alone.