Bank of Petaluma Becomes Target of Spam Mails
Internet attacks are increasing in scale and direction. Simple attacks are converting to more sophisticate ones. The way Bank of Petaluma was targeted by Spam mails proves this point.
Among the many financial institutions this bank is the latest to experience impersonation via spam mail. In an incident, some Petaluma residents received a huge number of spam mails in their inboxes on August 29. The apparently innocuous messages pretended to be from "Bank of Petaluma" and email@example.com, but actually came from criminals of identity theft.
The director of marketing for Greater Bay Bank Corp (parent company of bank of Petaluma) Mr. Craig Van Selow said that some person was trying to collect confidential customer information through fraudulent means.
The explosion of hoax e-mails has raised the number of total phishing attacks by 30 percent. The e-mail messages try to extract private financial and personal information from innocent victims. One set of such e-mails had a link that appeared to take to "Fiserv", a well-known financial services company, but in fact led the users to www.bankofpetaluma.co.nr. Again this site looked alike the bank's official website, www.bankofpetaluma.com but in reality wasn't so.
To this Mr. Selow commented that the miscreants created a dummy site of the bank but before the bank found about the fake site, it had been disabled.
According to security website "ClamAV.net" it is risky for unprotected Windows users to even open the e-mail. For it has an identity theft worm called WORM_BANWOR.A that infects the user's computer. This worm rests in the memory of the system waiting for the user to browse the specific sites, where it intercepts information by keystroke loggers. The memory-resident worm takes advantage of the RPC/DCOM vulnerability by which the attacker can gain complete access of the target machine. He can then execute any code by sending a malware to the DCOM service. For this it uses the RPC TCP port 135.
Fortunately till date no Bank of Petaluma customer has reported being affected by the scam. They have neither suffered identity theft nor financial loss. The Bank hopes the disability of the fraudulent site will remain so and the site will not become active again.
Related article: Bank Issues Spam Alerts
» SPAMfighter News - 21-09-2006