Airport Website Used To Attack NAB Customers

Phishers are using e-mails to attack customers of NAB (National Australian Bank). The e-mail leads recipients to the hacked area of the website of Sarajevo Airport. The e-mail has various NAB logos and entices users to renew their accounts by clicking on the link given in the e-mail.

On September 25, 2006, Joel Camissar of Websense said that the Sarajevo incident appeared similar to the hacking of Samsung website that happened some weeks ago. The e-mail also contains Verisign logo, which gives a feeling of legitimacy to the users. Users who didn't know that the Verisign logo could be a faked picture did not doubt the authenticity of the e-mail.

Sarajevo Airport visitors are likely to be unaffected since the phishers seem to be more interested in hacking bandwidth and hosting space to spread their malware.

A spokesman for NAB said that it was extremely important for NAB customers to understand that the bank would never send them e-mails asking for password and personal details. He added that the customers would be greatly benefited by using their 'SMS authentication protection system'. It sends customers a code via SMS on their cell phones that they must key in on the site before conducting any transaction. Since the launch of the system in 2005, no customer with the registered SMS service has encountered a fraud. He also highlighted that only 10% of its customers are currently making use of the service.

Trend Micro's Adam Baviano says that banks stress that not entering details on phishing website is not enough.Customers are still at risk because in many cases the attacks took effect as soon as the website was opened. This is possible because phishers exploit vulnerabilities in operating systems, browsers and e-mail clients to install malware in users' computers.

Mr. Baviano further said that banks and financial institutions never disclose their customers' details. It is the customer himself who unwarily clicks on unauthenticated links causing infection on their systems. There are already a good number of flaws existing in various browsers like the patched WMF flaw in Windows and the unfixed VML vulnerability in IE.

Related article: Arbor Network - Storm botnet is Back

» SPAMfighter News - 10/3/2006