Phishers Target CartaSi Customers via Fake E-mails

As per the security firm McAfee, they have discovered a new phishing campaign that targets the clients of CartaSi, an Italian financial institution, to steal their account information.

The e-mail contains a message with a subject line Italian language "Effettuare l'aggiornamento dei dati." The translation of subject line means proceed with information or data update.

The e-mail also contains an introduction that tells users about phishing on the web. The scammers attach a bogus link that informs CartaSi clients how they could overcome the online banking problems.

If the victim clicks on the link, he is taken to an IP address in the form of 96.X.XX.X0 which downloads the clone of genuine "cartasi.it" page. This clone page has the capability of phishing personal information.

As per the security experts, computer users who click on the link could lead to infection on their system and put their personal information at risk.

Another interesting feature is the language error and grammar in the text which create suspicion in the mind of Italian readers.

Meanwhile, this is not the first time when phishers have targeted Italians. In May 2010, the Italian bank "Banca Popolare di Sondrio" became the top target of phishers. In this attack, they forwarded an e-mail containing a web link to the bank's Internet banking site - SCRIGNO.

Commenting on the recent attacks on the Italian banks, the security experts said that the main objective of these e-mails was to deceive unsuspecting users into giving away their personal information, credit card details and other confidential information. If the user exchanged this information, phishers could exploit it for committing identity theft and execute fake transactions with the help of stolen information.

Phishers also pilfer proprietary information from customers by deceiving them to visit a phishing website and by downloading spyware on the victims' computer so that the information could be stolen when the victim visits a legitimate website.

Now-a-days, not a single person is safe from the scammers' malicious intentions. Customers of financial institution, corporate powerhouses, insurance agents, and credit and loan organizations have become victims of phishing attacks. They also make their target to known organization because most of e-mails are forwarded to people randomly.

Related article: Phishers Expand Their Sphere of Attacks

» SPAMfighter News - 7/6/2010