Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Hackers Used Kiwibank To Dupe Unwary Customers

An email purportedly originating from the Kiwibank in New Zealand - recommending customers for keying in their updated personal information - is actually a malevolent phishing campaign, cautions Sophos.

Using the logo of Kiwibank, this email cons the customers in to clicking on the hyperlink provided in the mail, so that the users can key in their updated personal information and therefore make sure they remain eligible for the policy of banks while guaranteeing their funds.

The email goes like this: "...We're so sure of our Internet banking security-system that we assure your money...kindly continue with your Kiwibank personal online banking now to get more updates about your account maintenance."

Sophos's Technology Head Paul Ducklin said that phishing email didn't read like the one that customers would anticipate from a bank. ZD Net Asia published Ducklin's statement on May 29, 2007.

Ducklin further reminds users that the best way to keep themselves safe against phishing scams is to simply 'AVOID" them. While there could be low risk of being hooked, there's a lesson that everyone should learn from this campaign. Also, warnings have been sent out by Kiwibank on its valid website. The warnings urge customers, who might have clicked on the forged link, to change their passwords without delay and also get in touch with the bank as soon as possible.

Consumers & small businesses need to protect their servers, PCs, and gateways with a consolidated solution to thwart the threats of viruses, spyware, phishing, hackers and spam, as well as controlling which applications are authorized to run on the network. They should also think before executing any unknown application on their computers, recommends Ducklin.

"Sophos estimates that there are 70% malevolent web pages at present, being abused by malware spreaders and phishers, that aren't directly linked to cyber crooks. However these web pages are genuine websites that have been invaded & borrowed for carrying out cyber crime," said Ducklin.

Genuine websites also suffer due to these scams. And the website that was used in Kiwibank phishing scam seemed to belong to some sole-trader in the US. "This website is extensively blacklisted, and is offline now," as per Ducklin.

Related article: Hackers Redirect Windows Live Search to Malicious Sites

» SPAMfighter News - 6/7/2007

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page