Navy Federal Name Abused for Phishing Attack
PandaLabs has cautioned web users to be cautious of latest phishing attack, which is imitating the Navy Federal Company's site and using its name to steal user's data.
The security officials informed that phishing is a general kind of scam that can result in stealing user's private information like credit card numbers or online banking passwords.
A member of the PandaLabss' research team, Oliaz, stated that the phishing campaign begins with users receiving a mail, reportedly from Navy Federal- and they are asked to click on an attached link, as per the news published by infosecuirty.com on May 18, 2010.
In his security blog, Oliaz compares the two sites and said that there are some differences in the address bar of the fake site as against the authentic one, as it is an http site and thus has a lock with it. Oliaz added that the icon of the company is different in the bogus website.
Further, the PandaLabs researcher says that if users have logged into a fake site, another page will appear claiming that their password has been locked and they need to fill in the form in order to unlock it.
In addition, Oliaz stated that after the details are disclosed, the users are again taken to the original website. In this way, users remain ignorant of the fraud scam.
» SPAMfighter News - 5/29/2010
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!