Four Malaysian Customers Suffer Loss of RM 100,000 to Phishing Scam
At least 4 users have been deprived of their bank accounts as they visited a fake Website that looked similar to the authentic bank site, as reported by nstonline on July 3, 2008.
The URL of the fake site bears a close resemblance to the real one that the users were not able to identify, and thus deceived.
Security analysts labeled it as a phishing case. phishing is a scam in which a hacker sends a mail appearing to have come from an authentic organization or institution to access a fake site. After reaching the fraudulent site, which looked similar to the original one, the user is directed to divulge all his personal account details.
The Chief Assistant of City Commercial Crime Investigation Department, Mohammad Aris Ramli informed that the 4 victims are all professionals between the age group of 25-30 and lost around RM 100,000, as reported by New Straits Times on July 3, 2008.
He said that the victims came to know about the scam after noticing that all the money in their account had been shifted to another account holder of the same bank.
Ramli informed that the method employed in this scam was easy. He said that in several cases, the users do not know the bank's Website URL. So, they use a search engine to locate it. When the search engine provides the list, many URLs are given containing both the authentic bank site and the phishing ones.
And by clicking on the wrong URL, the users landed up on a phishing site where they were asked to give their PIN numbers and password. Ramli added that after this, the remaining work is a simple task for the scammers, as reported by New Straits Times.
The next step involves a syndicate middleman, who has an account in the same bank, will access the password to transfer money form the victim's account to his or her own account.
Yet another phishing scam is used by the scammers in which they send mails asking the users to upgrade the security software of their accounts by visiting the site of bank, with the given URL in the address to be accessed which is that of the phishing site.
Related article: Free Web Host Services: spammer’s bull’s eye
» SPAMfighter News - 22-07-2008