Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Pages: [1] 2

Author Topic: A new wave of Phishing  (Read 9354 times)

mr_chris

  • Kitizen
  • ****
  • Posts: 3774
A new wave of Phishing
« on: January 08, 2008, 06:55:40 PM »

I know most people here are probably aware of "phishing" scams... emails pretending to be from a legitimate source, usually banks etc, tricking you into visiting a page that looks identical to what you're used to seeing, and "validating" your details... usually in broken english, with a website address that looks like "yourbank.online.vds.e02.dodgychinese.hosting.cn/..."

There seems to be a new wave of them that are starting to get a bit more sophisticated. I've had a couple in the last few days pretending to be from all sorts of banks, and got one today that was "from" the Halifax.

The website address is http://i-halifax.com/ and as of ten minutes ago it was still working - it appears to have died now though. I have deliberately made the link non-clickable so you have to know exactly what you've done if you visit the site - I don't want to be responsible!!!

It was a direct clone of the halifax online banking page, and given the address used, I thought it was worth saying something about.

Just be aware, folks... these scams are getting clever. Learn the address of your online banking website and ALWAYS check it in the browser bar. If necessary write it on a post-it and stick it to the side of your monitor so you remember to check it every time you visit your bank's website!!

Banks will never (in my experience) ask you to visit their site directly from an email. If you do get an email asking to visit a site, you can always ring up your bank and check - they'd rather you do that than ring them to say you've been scammed!

Just a heads up :)
Logged
Chris

roseway

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 43467
  • Penguins CAN fly
    • DSLstats
Re: A new wave of Phishing
« Reply #1 on: January 08, 2008, 07:39:45 PM »

Good advice.
Logged
  Eric

mr_chris

  • Kitizen
  • ****
  • Posts: 3774
Re: A new wave of Phishing
« Reply #2 on: January 08, 2008, 07:47:11 PM »

Banks will never (in my experience) ask you to visit their site directly from an email.

Just been chatting to kitz - and she reminded me that Egg do send out emails linking to their site.

But... these are more like "your statement is ready" type of emails rather than "Validate your secure detail for us so we can continuing to offer you security service"

Banks will never email you asking you to verify security details, no matter how convincing they make the reasons sound. They already have your info and enough security to know who you are!
« Last Edit: January 08, 2008, 07:56:36 PM by mr_chris »
Logged
Chris

Floydoid

  • Addicted Kitizen
  • *****
  • Posts: 9640
  • Prog Rock Fan
Re: A new wave of Phishing
« Reply #3 on: January 08, 2008, 07:57:38 PM »

The simplest and most sensible way is to have your bank site bookmarked and use that as the only point of entry to the site.

and if in doubt, give them a quick phone call first. :)
Logged
"We're going to need a bigger swear jar."

UncleUB

  • Helpful
  • Senior Kitizen
  • *
  • Posts: 29543
Re: A new wave of Phishing
« Reply #4 on: January 09, 2008, 06:37:41 AM »

I had a Halifax bogus site in my spam folder about this time last year.The alarm bells started ringing when a)centre was spelt center and b) it said if I did not update my security details by 29th feb ( there was no 29th feb last year)my card would not be valid.I then logged on to the offical halifax site and there was a link to send them the bogus address for them to follow up and delete it once sent to them.
Logged

Floydoid

  • Addicted Kitizen
  • *****
  • Posts: 9640
  • Prog Rock Fan
Re: A new wave of Phishing
« Reply #5 on: January 09, 2008, 09:06:48 AM »

I've never had any problems, but then again I don't bank with any of the big players.
Logged
"We're going to need a bigger swear jar."

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 33881
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Re: A new wave of Phishing
« Reply #6 on: January 09, 2008, 01:38:49 PM »

>> I've never had any problems, but then again I don't bank with any of the big players.

Same here for my main account... and that's what I thought up until a month or so ago... 
when I was quite surprised to see a phishing mail with my banks name on.
Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker

tickmike

  • Kitizen
  • ****
  • Posts: 3640
  • Yes Another Penguin !. :)
Re: A new wave of Phishing
« Reply #7 on: January 09, 2008, 04:30:00 PM »

I'm with one of the smaller banks and few weeks ago I got this email with the title "Your xxx account has been suspended" Well did I panic, well no I just pressed the Junk button on Thunderbird mail browser.

I don't even open these type of email at all .

I do Like 'Floydoid' does always use a bookmark to start up my bank site details.

Logged
I have a set of 6 fixed IP's From  Eclipse  isp.BT ADSL2(G992.3) line>HG612 as a Modem, Bridge, WAN Not Bound to LAN1 or 2 + Also have FTTP (G.984) No One isp Fixed IP >Dual WAN pfSense (Hardware Firewall and routing).> Two WAN's, Ethernet LAN, DMZ LAN, Zyxel GS1100-24 Switch.

Floydoid

  • Addicted Kitizen
  • *****
  • Posts: 9640
  • Prog Rock Fan
Re: A new wave of Phishing
« Reply #8 on: January 09, 2008, 05:38:01 PM »

What worries me is how do these phishing types know which bank you use?
Logged
"We're going to need a bigger swear jar."

roseway

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 43467
  • Penguins CAN fly
    • DSLstats
Re: A new wave of Phishing
« Reply #9 on: January 09, 2008, 06:36:29 PM »

By and large they don't. I've had several phishing emails purporting to come from banks I have no connection with at all, and never a single one from the banks I actually have accounts with.
Logged
  Eric

Floydoid

  • Addicted Kitizen
  • *****
  • Posts: 9640
  • Prog Rock Fan
Re: A new wave of Phishing
« Reply #10 on: January 09, 2008, 07:19:35 PM »

Thanks Eric, that's rather comforting to know. :)
Logged
"We're going to need a bigger swear jar."

mr_chris

  • Kitizen
  • ****
  • Posts: 3774
Re: A new wave of Phishing
« Reply #11 on: January 10, 2008, 11:22:14 AM »

Yep, they even try to gain your confidence by saying something like "This is an automatically generated email. If you are not a customer of BigNameBank plc you may safely ignore this email."

It's amazing (and frightening) how many people will simply accept whatever pops up on their computer screen without any thought as to WHY its there! This is who these emails are targeted towards, and unfortunately, they appear to be still working :(
Logged
Chris

UncleUB

  • Helpful
  • Senior Kitizen
  • *
  • Posts: 29543
Re: A new wave of Phishing
« Reply #12 on: March 31, 2008, 01:52:04 PM »

Hi all,just be on the lookout,I've just had 2 phishing emails in my bulk mail folder.One from Abbey National and one from RBS(Royal Bank of Scotland)They arrived within half an hour of each other telling me my accounts had been suspended and click on the link to update security details. :no:I don't bank with either.
Logged

guest

  • Guest
Re: A new wave of Phishing
« Reply #13 on: March 31, 2008, 02:20:37 PM »

The simplest way of doing this (if you have your own domain) is to create an email address for each bank account.

eg: me_mybank1@mydomain.com, me_mybank2@mydomain.com

Now you simply ensure that you NEVER give that address out to anyone other than your bank. Phishing is of course still possible but should be pretty easy to spot if it does occur.

I do the same for general internet shopping too - eg dabs_shopping@mydomain.com - which is very helpful for spotting who is leaking your email address.
Logged

UncleUB

  • Helpful
  • Senior Kitizen
  • *
  • Posts: 29543
Re: A new wave of Phishing
« Reply #14 on: April 11, 2008, 06:53:05 PM »

Hi all,just had another phishing email  supposedly  from RBS (Royal Bank of Scotland).My mail scanner picked it up as another site posing as RBS.The site was, jobvina.com.Its Vietnamese?I googled it and it was flagged up green by Mcafee site advisor?Didn't actually click on to the site,but just forwarded the email to RBS security dept.Don't even bank with them.
Logged
Pages: [1] 2
 

anything