Phishing Scam Attacked Commercial International Bank Customers

The Hungarian Internet has been inflicted by numerous phishing e-mails that are apparently attempting to entice customers of Commercial International Bank (CIB) into visiting a bogus CIB login page and entering their private Internet banking credentials.

The e-mail, whose subject line reads "On Security," is written in the Hungarian language but with a lot of errors.

This phishing attempt follows the one previously launched during the 1st week of January 2010, within a span of not even 10 days. Its phishing or fraudulent website perfectly mimics the CIB's login page.

Replicas of the fraudulent e-mail also reached the virus lab of VirusBuster with "Fontosnak" as its header.

Further, both the samples of the phishing e-mail have taken shape via translation machine.

However, in an advisory, CIB stated that they notified the police about the incident.

The bank also informs clients that it does not dispatch any e-mail seeking their personal information.

According to it, these electronic mails, which the customers have received supposedly from trusted entities like CIB, try to capture users' confidential data much as in the cases of other similar e-mails. Additionally, such e-mails provide web-links, which redirect users to a bogus site. But consumers believing that they're on a trusted site input the details asked for that eventually land up in the hands of fraudsters.

CIB suggests that anyone, who receives illegitimate e-mail, or one which he thinks is highly unexpected, must first contact Commercial International Bank. This contact can be made through phone or any other means at the customer's disposal. The bank also suggests clients to always make sure that they're utilizing a safe Internet site. Accordingly, the URL address must have https:// in its prefix, while the browser should be displaying a padlock in its status bar.

Furthermore, CIB suggests users to avoid clicking on web-links embedded in e-mails. Instead they should type the URL address into their browser or utilize a bookmark that has been previously defined. The web addresses, which appear unflawed inside the e-mails, could actually lead to a fake site.

Related article: Phishing With A Redirector Code

» SPAMfighter News - 1/21/2010