SA Banks Alert Customers about Phishing Scams
In the wake of an upsurge in fraud scams on the Internet South African banks sent out warning to its customers in early July 2007. Absa has been messaging to thousands of customers using online banking services through SMS warning them to ignore e-mails that ask for details update.
The official message says that Absa would never send its customers e-mail to update their banking and personal information therefore they should be cautious about the recent phishing scam.
Absa also recommends its customers to avoid using computers that public can access and use SMS alerts instead of e-mail. It said that the future RVN (Random Verification Numbers) notices would be issued via SMS and not e-mails.
FNB, also a South African bank too issued warnings in the same week following the scams. An FNB customer reported that he received a new phishing email that appeared quite convincing.
The e-mail said that during an online banking maintenance session, the recipient's account was specially identified with some missing information and so it is necessary that he confirm his identity and details. The e-mail urged the customer to click on a link that actually directs to a fake site displaying a blank form to fill it with pin codes and bank account information.
In Africa, local phishing attacks are likely to grow with the increase in South African clients for online banking, said Ian Janse van Vuuren of the SA Banking Risk Information Center, as reported by Legalbrief Forensic on July 5, 2007.
Chief Executive Officer of FNB online, Chris Kotze said that phishing attempts grew during May-June 2007. He added that every month the bank shuts down 40-70 phishing sites that stay active for just 3-4 days. Legalbrief Forensic published Kotze's statement on July 5, 2007.
The Anti-Phishing Working Group in the U.S. identified a huge number of exclusive phishing websites ranging from 35,000 to 55,643 over March-April 2007. As FNB and Absa introduce One Time Pins and RVN and send them through SMS, phishers are attempting to gather wider information from potential victims that would help them in card fraud and telephone banking scams.
» SPAMfighter News - 17-07-2007