 |
|
DAILY NEWS AND INFORMATION FOR THE GLOBAL GRID COMMUNITY /
|
Breaking News - Security:
Arrest Made In United Kingdom "Phishing" Case
British police have made one of the first arrests in connection with an
Internet scam known as "phishing," which is plaguing the fast-growing Web
banking business. A 21-year-old man is accused of trying to steal the banking
details of customers at UK Internet bank Smile, authorities said.
Over the past year, crafty programmers have been honing the scam by creating
bogus e-mails and increasingly realistic Web sites where they try to con
Internet customers out of their bank details or credit card numbers.
"It is believed this man was a copy-cat phisher, and is not connected to the
organised crime group that is behind the global swathe of phishing scams
targeting bank users in Australia, New Zealand, the UK and the USA," the UK's
National Hi-Tech Crime Unit (NHTCU) said in a statement.
The NHTCU said officials from the The Co-Operative Bank, who operate
www.smile.co.uk, reported the scam last month to police.
A Smile spokesman said a "handful" of the bank's 500,000-plus customers
supplied their details to the bogus site. "My understanding is nobody has lost
any money," he added.
Banks, Retailers Targeted
Some of the largest retail banks in the world, including Barclays, Lloyds TSB
and NatWest in the United Kingdom, have been hit by the scam over the past
year. Another favored target is auctioneer eBay's online payment service,
PayPal.
In most cases, the scammers create elaborate looking e-mails masquerading as
official notices from a bank or retailer saying their account needs to be
updated or that a new product is on sale.
A link is provided in the e-mail to an official-looking Web site where the
customer is instructed to input account details and credit card numbers.
Online banks regularly post warnings on their Web sites that, as a matter of
policy, they will never e-mail customers asking them for their banking
details. Still, as the fraudulent solicitations and sites are perfected to
look more and more authentic, police are warning the public to be
hyper-vigilant.
Len Hynds, the head of the NHTCU, said "phishing" scams now represent about 25
percent of the unit's caseload, adding that banks and retailers are reporting
on average two warnings per week since January.
Ed Barlow, a technology director for Web security firm Kavado Inc, said a
powerful new phishing variation has emerged in the past three months in which
fraudsters have taken over a genuine Web site and had the user's inputted
details diverted to a storage point under their control.
In the realm of online fraud, he said this example is relatively rare at the
moment. But he demonstrated how it could be done at a security trade show in
London this week using a mocked up pet store Web site.
Security specialists and police repeatedly warn Internet users not to click on
e-mail links unless they are certain of the sender.
Barlow goes a step further, suggesting a remedy that will not please e-mail
marketers.
"If you are going to go into a Web site, go in directly through a Web browser,
not through an e-mail link," he said.
|