Phishing Assaults Targeted at Westpac and Regions Banks

According to researchers from Sophos, the security company, several phishing assaults during the recent past, attacking clients of Westpac Bank within New Zealand and those of Regions Banks inside USA, have been observed. More banks within Australia, UK and USA are also getting attacked, the company claims.

Addressing the customer with esteem, the phishing electronic mail tells him that the online department of the Regions Bank has selected him for answering a simple and quick survey for a reward, while informing that each year, the survey is conducted on 1,000 select members. Essentially, this survey seeks to gather customers' opinion regarding the bank's services, while giving them in return $35,000 as credit to their savings account. Thus, for obtaining the survey, users require taking down the attached online form from the e-mail, the message suggests.

Meanwhile, the Wespac's e-mail is essentially similar except that it presents New Zealand currency rather than US dollars, Sophos outlines.

Elaborating more about the phishing scam, Senior Technology Consultant Graham Cluley at Sophos stated that the spoofed electronic mails he discovered each had an HTML form attached. Softpedia.com reported this on November 2, 2011.

Viewing the attachment, users were directed for replying certain survey queries as also enter details such as card number, its CVV, expiration date, ATM PIN, the users' full name, mother's name before marriage, their postal address, e-mail id, birth-date and name of place where they were born.

Apparently, the phishers transmitted the captured details onto hijacked computers located at Japan, USA and Iran, Cluley said. Nakedsecurity.sophos.com published this on November 2, 2011.

Additionally, Cluley remarked that surveys mightn't prove that great perilous, however, the ones which solicited sensitive data must surely be regarded with severity, while people must think again prior to responding to them.

However, to remain safe from getting victimized, users might follow certain suggestions. First, they must know that banks wouldn't ever direct them for dispatching confidential data through e-mail. Thus, incase anyone got such an electronic mail in his mailbox he should overlook and erase it. Nevertheless, incase he'd been preyed on then he must talk to the bank instantly.

Related article: Phishing With A Redirector Code

» SPAMfighter News - 11/9/2011