Barclays Bank Customers Confront Phishing Attacks
A massive online scam has exploded with 61 different types of phishing e-mails. The attacks have been targeted at Barclays Bank's customers. And millions of e-mails have been sent out to the mailboxes.
Panda Labs estimates that more than 2/3rd of phishing e-mails comprise those on Barclays Bank. The e-mails pose to have come from Barclays' 'customers care services'. They have random subject heads and ask customers to confirm or update their information, because the bank is about to have a software upgrade. The message also has a picture of Barclays Bank corporate, embedded.
The fake e-mail has a link which if clicked will direct to a phishing website that looks similar to Barclays Bank's own website. The site entices the users to put in their details like bank account number, PIN and credit card numbers. These details get transferred to phishers who then steal the customers' money.
According to Luis Corrons, director of Panda Labs, the attacks could be coordinated and originate from several places simultaneously. They try to spread fast and collect a huge amount of confidential bank information. The attacks are relatively more sophisticated than the usual ones. Several domains host the false web pages that make them difficult to disable. The e-mails also appear to be very authentic while the messages have errors in spellings.
The phishing website is reported to be hosted by five different domains. That is why all the e-mails do not connect to a single website. The hosts of these websites are based in Korea that has been asked to shut the sites.
Although apparently the number of messages has slightly declined, the situation can happen again, said Corrons. The culprits aim this attack to gather as much secret data as possible and if successful they could again mass e-mail such messages either to clients of Barclays or those of other banks.
Users are warned not to click on links given in such e-mails. If anyone suspects a phishing attack he/ she must inform the bank instantly. At the same time users should ensure deployment of adequate security measures on their PCs to save them from such attacks.
Related article: Brazilian President's Party Website Disrupted
» SPAMfighter News - 20-09-2006