Network News

X My Profile
View More Activity

Phishers, Virus Writers Exploit Global Financial Crisis

Security experts and the federal government are warning that scam artists are leveraging public concern over the global financial crisis to steal sensitive financial data and spread malicious software.

In an alert posted Thursday, the Federal Trade Commission urged Internet users to be on guard against e-mails that look as if they come from a financial institution that recently acquired a consumer's bank, savings and loan, or mortgage.

"In fact, these messages may be from 'phishers' looking to use personal information -- account numbers, passwords, Social Security numbers -- to run up bills or commit other crimes in a consumer's name," the FTC said.

Security firm Arbor Networks details two recent malware attacks that try to trick recipients into opening an e-mail attachment. One e-mail, claiming to have been sent by the Federal Deposit Insurance Corp., warns recipients that their bank accounts were involved in fraudulent activity. The attached file, disguised as a written account of that activity, is in fact a program designed to swipe passwords from the victim's PC.

Another e-mail making the rounds, according to Arbor senior security researcher Jose Nazario, appears to come from Wachovia, which is slated to be acquired by Wells Fargo. The message tells recipients they need to install a special security certificate into their Web browser in order to do online banking with the new institution. The attached cert in question is, of course, more malware.

Phishers also are capitalizing on the banking crisis. Phishtank.com, a community-based effort to verify and track phishing Web sites, found this recent phish, which tries to convince Citibank customers to enter their account details at a fake Citibank Web site. This cleverly worded phish promises customers concerned about keeping their assets in U.S. banks "the option to have your account moved on our servers abroad."

Because we value you as our customer and share your concerns about your financial assets, we now offer you the option to have your account moved on our servers abroad. This will prevent any financial loss from your account in case the U.S. financial system collapses. This option is free of charge. After successfully completing the required steps, your account will be moved on our new servers located abroad. You won't feel any negative impact of account movement and you won't have any problems accessing your money from anywhere in the world.

No doubt, people who fall for this scam will have their funds transferred abroad: straight into bank accounts controlled by organized criminals.

I think it's fair to assume we can expect attacks exploiting public concern over the banking sector to continue and even increase in their sophistication. Remember, not all e-mail-based phishing and malware attacks are alike: Scammers also are using very targeted techniques, addressing recipients by name and including other details that can increase the apparent authenticity of the come-ons.

Remember, never click on or open attachments in e-mails that you weren't expecting, even if they appear to come from someone you know. Also, banks should never ask for any personal information via e-mail, and I'm not aware of a single legitimate instance of a bank asking customers to install anything on their computers.

The FTC advisory includes a long list of other excellent security and privacy tips:

* Don't reply to an email or pop-up message that asks for personal or financial information, and don't click on links in the message - even if it appears to be from your bank. Don't cut and paste a link from the message into your Web browser, either. Phishers can make links look like they go one place, but actually redirect you to another.

* Some scammers call with a recorded message, or send an e-mail that appears to be from an institution, and ask you to call a phone number to update your account. Because they use Voice over Internet Protocol technology, the area code you call does not reflect where the scammers are. To reach an institution you do business with, call the number on your financial statements.

* Use anti-virus and anti-spyware software, as well as a firewall, and update them regularly.

* Don't e-mail personal or financial information. E-mail is not a secure way to send sensitive information.

* Review your financial account statements as soon as you receive them to check for unauthorized charges.

* Be cautious about opening any attachment or downloading any files from e-mails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer's security.

* Forward phishing e-mails to spam@uce.gov - and to the institution or company impersonated in the phishing e-mail. You also may report phishing e-mail to reportphishing@antiphishing.org. The Anti-Phishing Working Group, a consortium of ISPs, security vendors, financial institutions and law enforcement agencies, uses these reports to fight phishing.

* If you've been scammed, visit the Federal Trade Commission's Identity Theft Web site for important information on next steps to take.

By Brian Krebs  |  October 10, 2008; 4:43 PM ET
Categories:  Fraud , Latest Warnings , Safety Tips  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Apple, Opera Ship Security Updates
Next: Microsoft Stock Price Routinely Dinged by Security Patches

Comments

All good suggestions and warnings but no doubt your readers already abide by these practices. How do we get to the non-security savvy?

Posted by: Rosie | October 10, 2008 8:06 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company