Customers of British Gas Attacked in ID Theft Scam
The fake proposal of a refund arrives in an e-mail appearing to be sent by the British Gas headed "Refunded Notification". The mail offered the recipient a refund of £722.80 that would require as an identification proof either passport or driving license for receiving the refund, as per the reports by telegrapgh.co.uk on March, 2011.
The mail has a British Gas logo and gave the sender's address as firstname.lastname@example.org. According to the fake refund mail the recipient would be refunded with an amount of 732.80 GBP on the basis of eligibility after calculating the last year's gas and electricity activity. For taking the procedure further, the recipient is asked to submit the refunded request and provide the management a time period of 5-7 days for processing it".
But, to claim the refund, recipient must prove his identity, so the recipients are asked to fax copies of important documentation which includes an authentic colored, digital snap and is asked to scan the both the sides of their ID issued by the government (such as driver's license or passport). However, the recipients are asked to send their Name and Address, Town/City, County and Zip code along with the Driver's license number to the hackers at a fax number given in the bogus email.
However, the fact is that the mail is not sent by the British Gas and is a component of a larger email phishing scam being targeted towards the customers of British Gas and non-British Gas, as per the news by longton.south.co.uk on March 29, 2011.
Paul Ducklin, Researcher at IT Security Firm Sophos has recommended that avoiding sharing copies of identification documents with anyone, unless the law needs it. Even if the refund had come from an authentic company, faxing through documentation must always be ignored.
As per Sophos.com on March 28, 2011, modern fax machines are just scanner-computer-printer-modem combinations, frequently with network connectivity, the scanned documents might be held indefinitely where malware or cybercriminals might caught them.
British Gas spokesman stated that if anyone has been targeted in the above mentioned manner, they are suggested not to follow it as it is a part of recent scam and the Police are investigating the scam, as per the news by telegraph.co.uk on March 29, 2011.
Related article: Customer’s Data Leaked Out of a UK Loan Website
» SPAMfighter News - 08-04-2011