Jamaicans Receive Phishing E-mails from Legitimate Websites
Cyber criminals have invaded the e-mail accounts of several clergymen in Jamaica and tried to steal money from the contacts enlisted in their e-mail address books.
According to recently received reports, fraudsters have hacked into the accounts of six or seven ministers, which include the general secretary of the Jamaica Council of Churches (JCC).
The e-mail seems to have arrived from websites disguising as Yahoo! or Microsoft Hotmail to inform the recipient that the concerned company wants him to update his account details or his account might have been hacked so he should change his password.
The page seems authentic as it contains all features of a genuine page including the company's logo and updates field wherein the recipient is asked to fill in the new password. As the recipients clicks on the submit button, the information is sent to cyber crooks' websites instead of going to Yahoo! or Microsoft.
In some cases, the messages in the e-mails talk about the men traveling abroad but have lost their wallets. There are some mails that refer to the illness of a relative who has no money to pay the hospital fee. People receiving this kind of mail unconsciously allow hackers to steal their money.
Detectives from the Cybercrimes Investigation & Research Unit, Jamaica Constabulary Force, said that they had received many complaints from the influential people across the country, as reported by Jamaica Observer on May 18, 2009.
Moreover, Sergeant Patrick Linton, Detective, said that majority of the phishing activities were performed from Nigeria, a notorious West African country associated with other cyber crimes like 419 lottery scam, as reported by Jamaica Observer on May 18, 2009. The investigations have revealed that some of these scams operate within Jamaica.
Consequently, security specialists have suggested that people should be careful of these scams. They suggested to people that always check for 's' after http in the URL. The alphabet 's' refers to the socket layer that in itself is a kind of encryption. Moreover, users should avoid clicking on any link given in the e-mail to visit any website. They should directly feed in the URL of the website in the address bar.
» SPAMfighter News - 21-05-2009