Phishers take advantage of Wells Fargo's woes
Although they look similiar, the fraudulent site above uses a URL that isn't SSL-protected (note the white address bar), nor is it from the Wells Fargo top-level domain (note the numbers in the URL). The fraudulent site also uses an older version of the Wells Fargo log-in page.
Sites monitoring phishing activity are today reporting an increase in Wells Fargo phishing sites as thieves looking to take advantage of an outage over the weekend have started sending out e-mail pretending to be from the San Francisco-based institution.
On Sunday Wells Fargo experienced an outage of its ATM and online banking services. The problem, which also affected back-end systems for the bank's mortgage, equity and student loans, had been resolved as of Tuesday afternoon. Because the bank needed to use backup records, individual account balances might not up be up to date for a few more days. Through the media, the bank has apologized for any inconvenience. However, phishers have wasted no time in sending out their own e-mails, pretending to be from Well Fargo.
The legitimate Wells Fargo site is SSL-protected (note the yellow address bar), uses the Wells Fargo top-level domain, and features the latest log-in page design.
Banks typically do not send e-mail to their customers; that should be your first warning sign. In one e-mail that begins "Dear Wells Fargo customer ...," users are invited to link to a fraudulent Wells Fargo phishing site in order to update account information. The site, still active on Wednesday afternoon, looked similar to the legitimate Wells Fargo site; however the phishing site did not use the latest page redesign, nor was the URL secure through Secure Sockets Layer (SSL) encryption, nor did it mention Wells Fargo within its top-level domain. When compared side-by-side with the legitimate site, the differences (especially within the address bars) should be obvious.
When accessing your online bank accounts, use a previously bookmarked URL or type in the address yourself. Once on the banking site, make sure the address bar shows a SSL connection (usually the address bar will be a different color and display a tiny paddle lock) before typing in a user ID or password. Also, the latest versions of Firefox 2 and Internet Explorer 7 include built-in antiphishing tools to block fraudulent sites, but these tools must be enabled first.
As CNET's resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security. Listen to his podcast at securitybites.cnet.com or e-mail Robert with your questions and comments. 
"Phishers take advantage of the publics continuing fascination with technical ignorance."
If the population at large would take an hour or two out of their lives to learn a little, they would fall "victim" to this.
That should be "padlock"
http://www.innercitypress.org/wells.html
- IT's WAR. Cyber War. And the Internet is the Battleground.
- by disco-legend-zeke August 23, 2007 9:56 AM PDT
- The massive DOS outages, spamming, and other attacks on the Internet are not just skript kiddies playing around. Those that are not terrorists are criminal organizations.
- Like this Reply to this comment
-
(5 Comments)One IP address in France made 3 or four ADMIN login attempts per second for several hours last week.
Its time for the good guys to start taking action, or we will go back to standing at long lines and bank-by-mail systems.