Twin Phishing E-Mails Pose from Bank of Hanover

During the period from May 24 to June 6, 2007 twin e-mail messages purporting to be Bank of Hanover letters have made place in the mailboxes of both customers and non-customers.

The first message pretended to relate to a survey by the bank. It offered $500 as deposit to people who would complete the questionnaire. The second message claimed to be a warning notice from the bank to customers about a probable phishing attack and so asked them to open a link where they could update their account and use the new facilities.

The link in the 'survey' e-mail took users to a Bellevue, Wash.-based server hosting a fake Bank of Hanover website. There the users were asked six questions but with that the web page also asked for the user's name and telephone number before showing the "submit" button. The false web page also asked for users' credit or debit card numbers, the expiry dates of the cards and users' PIN numbers.

The link in the 'notice' e-mail lands users to a domain being hosted in Zimbabwe. But on clicking it the user would not get connected to the site's server.

Since the spam mail scams are unlawful, the company hosting the website to which the scam link connects can shut down its site. However, it is difficult to trace the spam culprit since spammers' activities typically happen overseas. Hudson from the bank said this in a statement that EveningSun.com published on June 6, 2007.

Bank of Hanover's parent company, Sterling Financial started receiving telephone calls from customers on May 28, 2007. It was really frustrating that some bad guys were taking advantage of the bank's unsuspecting customers. And indeed it drains on the bank employees' time and energy because they will do the whole hog to shut these malicious people down. Hudson said this in another statement that the York Dispatch published on June 1, 2007.

True scammers are getting smarter in their attacks, but the bank would never enquire customers' personal information via e-mail. Therefore, if they receive any suspicious e-mail, they should contact the bank without delay, recommended Hudson.

Related article: Time Warner Customers Receive Phishing E-Mail

» SPAMfighter News - 6/19/2007