Advertisement
Promo

Security threats Toolkit

Fake bank email tries to con customers

James Pearce ZDNet Australia

Published: 14 Aug 2003 13:05 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Another fraudulent email is doing the rounds, this one attempting to trick people into providing their Westpac bank account details.

According to Andrew Kent, the chief executive of SpamTrap, the emails were sent out in the early hours of this morning. SpamTrap’s honeypots collected samples of the fraud between the hours of 1.45 a.m. and 8.10 a.m. Over 800 examples of the fraudulent email were collected, more than twice the number collected during similar scams earlier this year.

Like the earlier scams, this email utilised graphics from Westpac’s Web page, as well as a fake link that purports to lead to the legitimate Westpac site but instead takes you to a fake site. However, unlike previous attempts, where the fake address could be spotted by holding the cursor over the link and viewing the fake URL in the taskbar, this email displayed the URL for the real Westpac site in the taskbar.

It achieved this by having the link as the real URL followed by a large number of spaces written in HTML code, some random characters, an “@” symbol and the fake URL. The large number of spaces forced the second part of the address out of view on the taskbar. According to Kent, the “@” symbol causes the browser to ignore everything before it and jump straight to the URL after it.

“It’s a hard thing for the banks to do anything about,” Kent told ZDNet Australia. “Apart from user education there’s very little you can do.” Kent said that because the fraudulent email is mass-mailed to a large number of addresses, an effective spam filter will prevent it. He said none of these scams had made it through SpamTraps defences, as they were registered as spam.

The latest scam also resembled the others in the use of poor grammar, such as “Our new security system will help you to avoid frequently fraud transactions and to keep your investments in safety” and “Due to technical update we recommend you to reactivate your account”.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
50 out of 98 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

McKinnon lawyers seek judicial review

Lawyers seeking a judicial review for Nasa hacker Gary McKinnon lodged fresh evidence of his psychiatric state at the High Court on Thursday. Karen Todner, McKinnon's solicitor,... More

1 comment

Beware of keeping your head in the clo...

Information security professionals can look forward to a deepening appreciation for their skills as security continues to be recognised as an essential element for doing business in... More

1 comment

Civil liberties groups attack file-sha...

Civil liberties and digital rights organisations have strongly criticised Lord Mandelson's Digital Economy Bill. Liberty said in a position paper on Tuesday that the bill, part of... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters