A Growing SoPHISHtication

February 22nd, 2008 by JM Hipolito (Technical Communications)

The growing sophistication of phishing email has recently gone up another notch as reports of a very convincing voice phishing (aka “vishing”) attempt surfaced.

TrendLabs was alerted of a phishing email disguised as, ironically, a warning against phishing attempts. The message is actually quite convincing, with all the links even leading to the corresponding legitimate target pages.

The catch in this facade is that the message also gives a phony phone number that the recipient has to call in order to reactivate their account, which supposedly has been placed “on hold”. Upon calling the said phone number, it connects to a system which asks the user for their bank card number and PIN. After which, the rest, most especially the affected user’s fund, is history.

Below is a screenshot of the email message:

Sample Phish

This phishing email follows the footsteps of a similar attempt reported last week. While these developments are something to continually watch out for, users should be reminded that awareness and cautious browsing works like a charm against such attempts. As a rule, most financial institutions and organizations do not ask for one’s PIN or password to verify or reactivate an account.

Print Posts
1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 4 out of 5)
Loading ... Loading ...

Subscribe in a reader

Most Recent Posts

Most Popular Posts

Links

Blogroll


Scan for free!