• On last.fm: Listen to Michael Jackson on Last.fm
October 2, 2008 4:10 PM PDT

New phishing attempt targets bank customers

by Elinor Mills
  • Font size
  • Print
  • 4 comments

Many people are wondering what to do now that their bank has been acquired in the wake of the lending crisis. Well, whatever you do, don't click on links in e-mails purportedly sent by your bank.

Security firm SonicWall said Thursday that it has been seeing e-mails that attempt to lure people to fake bank Web sites, where they are asked to re-verify their personal and bank information as part of a merger.

In one example that targets people affected by the Chase acquisition of Washington Mutual, the e-mail asks recipients to click on a link and confirm their identity so Chase can "activate new security features for our new and old online banking customers."

The link goes to a fake Chase Web site that asks for account log-in and other information, said Andrew Klein, a product manager at SonicWall. The scammers are gathering the information to sell to cybercriminals who will use it to transfer money out of victims' accounts or commit identity fraud, he said.

"Banks wouldn't do this online," Klein told CNET News. "Traditionally, what happens is you get a letter in the mail."

Phishers and scammers commonly exploit news events to lure victims to sites that contain malware or that ask them to supply information. Cybercriminals are even using Google Trends to find out what Web search terms are the most popular in order to make sure they have timely and relevant content on their sites with which to attract victims.

But this particular type of phishing attempt is particularly dangerous given how confused many consumers are about what the bank acquisitions will mean for them.

To test your knowledge of phishing and spam, try taking this SonicWall quiz.

This phishing attempt tries to get people affected by the Chase-Washington Mutual merger to give up their bank account information.

(Credit: SonicWall)

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.
Topics:

Privacy & data protection,

Vulnerabilities & attacks

Tags:

security,

privacy,

phishing,

banks,

e-mail

Share:
Digg
Del.icio.us
Reddit
Recent posts from Security
Log in with your face
See what's under McAfee's new interface
26 Windows, Office holes patched in 13 bulletins
McAfee: Spammers exploiting more news stories
Microsoft, Google split over browser bug bounty
Verizon temporarily blocks some 4chan sites
Security software maker Vitamin D exits beta
China breaks up Black Hawk hacking ring
Related
Behind the China attacks on Google (FAQ)
In their words: Experts weigh in on Mac vs. PC security
Update: Apple posts MobileMe help, billing info to assist users with phishing schemes
Android Market falls victim to crafty developer
Google's spy case: Not the first, nor the last
Government warns of looming cyberthreats
Want really secure Gmail? Try GPG encryption
China-based Google attacks similar to prior ones
Add a Comment (Log in or register) (4 Comments)
  • prev
  • next
by Solaris_User October 2, 2008 4:50 PM PDT
New phishing attempt targets bank customers: It's called the United States Congress.<br /><br />Don't worry about ID thieves.. we will take your money before they do.
Reply to this comment
by anguyen41 October 3, 2008 6:02 AM PDT
Thank you for this information.
Reply to this comment
by qi-fense October 7, 2008 7:02 PM PDT
We can also track email traffic on a variety of financial institutions - we have seen 5 specific attacks on citi, wachovia and wells fargo in the past 3 days - these generated many 100's of thousands of emails being sent from over 100 diferent IP addresses based in over 35 countries - again, all of this traffic stemmed from only 5 coordinated attacks. <br /> <br />Phishers like to strike at the most fearful and the most vulnerable. To the initiated, most of these emails are pathetic - but with those kinds of numbers, they are likely to catch a few of us unaware.
Reply to this comment
by Identity-Theft-Experts December 27, 2008 12:18 PM PST
Identity Theft Experts agree there is no complete solution for uninformed users who are constantly hooked by these scams. The fact is even well educated savvy people are scammed every day. Numerous tools incorporated into browsers and email programs will help stem the tide. But continually informing the public via articles like this in the mainstream is essential. www.IDTheftSecurity.com
Reply to this comment
(4 Comments)
  • prev
  • next
advertisement

Google's social side aims for some Buzz

Facebook and Twitter are the darlings of the social-media world, not Google--which hopes to change that with Buzz, betting it can organize your online social life.

Watching the birth of a gaming start-up

Stewart Butterfield and his friends are back at it with a new company. CNET's Daniel Terdiman was given exclusive, behind-the-scenes access as they built it from scratch.

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET