January 27, 2009 at 12:52 The Phishing Wave of Internet Banking
Details first. Today (January 27, 2009) by e-mail I received a letter allegedly from my bank asking “to confirm the electronic signature”, otherwise “access will be closed from 01/31/2009”. In the letter, a link of the form: 74.55.162.23/ibank2.htm
There was a clear phishing attempt on the person. Signs of a fake:
Of course, I didn’t leave any details to the scammers, but instead I sent a letter to my bank with a request to warn the remaining customers. I think that not all of them are IT specialists and are capable of revealing fraud at first glance.
If anyone is interested, I can post a screenshot of the letter - it's done relatively well. Oddly enough, the letter did not fall into spam (my mailbox is located at gmail), which indicates good preparation.
Why did I decide to write about it on the hub? This incident led me to the following thoughts. In the midst of the crisis, many employers decided to reduce their staff and on the street, among all others, there were many specialists from IT. Yes, of course, most of them are newcomers. But, I think, a certain percentage of "bison" also fell under the distribution.
Where to go everyone decides for himself. But in the current situation, for many, regardless of their qualifications, finding a job was not easy. In the legal sphere. The criminal structures have no crisis, but the lack of personnel, I think, is present. Therefore, if in a normal situation, such an experienced IT specialist would not even look in the direction of “unclean” work, now, there may not be a choice - everyone wants to eat. According to this, the criminal element has received a fresh influx of personnel with extensive experience in various fields of information technology. And in the near future we should expect an increase in attempts of various kinds of fraud realized above the usual level. Therefore, I urge everyone to keep their eyes open, increase vigilance and be prepared to repel enemy attacks :) And most importantly, do not forget about your friends,
In general, it is sad, comrades, it is sad that many bright minds will go to the dark side.
All this, of course, is only my thoughts, which may not coincide with the opinions of other people.
ps If anyone is interested, then the name of the bank is Rus-Bank-Ural, I myself am in Yekaterinburg. But, I think, a wave will soon go to other banks and other cities.
UPD:
So that respected Khabrovsk citizens do not have thoughts about the “yellowness” of the title, and “the alarmism of the author due to a single incident”, I add that so many of my friends today fell under similar mailings, which prompted me to write this note. And after talking with friends from the security service of anotherno less than a large bank, unofficial information was received. The fact that my case is far from an isolated one. That phishing scammers are not limited to. There were precedents for using trojans to steal access to Internet banks. Banks, by the way, prefer not to disclose such cases and it is not known whether they will return the money to the victims. Due to the fact that I have information about the mass distribution of this newsletter within Yekaterinburg, and there is no data on other cities, I placed this topic in my personal blog, and did not post it, like many authors of “yellow statues” in a thematic general a blog.
In addition, the main topic of the article is not the phenomenon of phishing as such, but the desire to draw the attention of people working in the IT field (both managers and ordinary programmers and system administrators) to the influx of reduced (deservedly and not so) personnel to the dark side of the IT industry .
I myself do not like yellow articles, fanning an elephant from a fly. But before brushing aside the things that are obvious to you as specialists, I urge once again to pay attention to the educational program of our friends, colleagues and relatives when working with critical information.
There was a clear phishing attempt on the person. Signs of a fake:
- Link to ip address, not to bank domain
- IP is in the USA
- The headings of the letter are forged. Return-Path and Recived contain the real address of the dispatch, From - the address of the bank.
- When you click on the link, an exact copy of the login form in the Internet bank opens. Except that in the original it is a java applet, and for scammers it is an html form. Composed, by the way, with errors :)
Of course, I didn’t leave any details to the scammers, but instead I sent a letter to my bank with a request to warn the remaining customers. I think that not all of them are IT specialists and are capable of revealing fraud at first glance.
If anyone is interested, I can post a screenshot of the letter - it's done relatively well. Oddly enough, the letter did not fall into spam (my mailbox is located at gmail), which indicates good preparation.
Why did I decide to write about it on the hub? This incident led me to the following thoughts. In the midst of the crisis, many employers decided to reduce their staff and on the street, among all others, there were many specialists from IT. Yes, of course, most of them are newcomers. But, I think, a certain percentage of "bison" also fell under the distribution.
Where to go everyone decides for himself. But in the current situation, for many, regardless of their qualifications, finding a job was not easy. In the legal sphere. The criminal structures have no crisis, but the lack of personnel, I think, is present. Therefore, if in a normal situation, such an experienced IT specialist would not even look in the direction of “unclean” work, now, there may not be a choice - everyone wants to eat. According to this, the criminal element has received a fresh influx of personnel with extensive experience in various fields of information technology. And in the near future we should expect an increase in attempts of various kinds of fraud realized above the usual level. Therefore, I urge everyone to keep their eyes open, increase vigilance and be prepared to repel enemy attacks :) And most importantly, do not forget about your friends,
In general, it is sad, comrades, it is sad that many bright minds will go to the dark side.
All this, of course, is only my thoughts, which may not coincide with the opinions of other people.
ps If anyone is interested, then the name of the bank is Rus-Bank-Ural, I myself am in Yekaterinburg. But, I think, a wave will soon go to other banks and other cities.
UPD:
So that respected Khabrovsk citizens do not have thoughts about the “yellowness” of the title, and “the alarmism of the author due to a single incident”, I add that so many of my friends today fell under similar mailings, which prompted me to write this note. And after talking with friends from the security service of anotherno less than a large bank, unofficial information was received. The fact that my case is far from an isolated one. That phishing scammers are not limited to. There were precedents for using trojans to steal access to Internet banks. Banks, by the way, prefer not to disclose such cases and it is not known whether they will return the money to the victims. Due to the fact that I have information about the mass distribution of this newsletter within Yekaterinburg, and there is no data on other cities, I placed this topic in my personal blog, and did not post it, like many authors of “yellow statues” in a thematic general a blog.
In addition, the main topic of the article is not the phenomenon of phishing as such, but the desire to draw the attention of people working in the IT field (both managers and ordinary programmers and system administrators) to the influx of reduced (deservedly and not so) personnel to the dark side of the IT industry .
I myself do not like yellow articles, fanning an elephant from a fly. But before brushing aside the things that are obvious to you as specialists, I urge once again to pay attention to the educational program of our friends, colleagues and relatives when working with critical information.