August 11, 2005 7:48 AM PDT

New scam asks people to fax away data

Phishers have added a new lure to their tackle boxes: e-mails that ask people to fax sensitive information to bogus security investigators.

In a new scam, attackers are sending e-mail warnings that appear to come from PayPal, security specialist Sophos said Wednesday. These e-mails say that someone tried to reset the recipient's password and asks him or her to participate in an investigation.

The e-mails direct people to a Microsoft Word document hosted on a Web site and urges them to download the form, fill it out, and fax it to a toll-free number, Sophos said. The form asks for credit card information.

The new tactic comes as people are becoming more suspicious of e-mails asking them to fill out sensitive information online, said Graham Cluley, a senior technology consultant for Sophos.

"We've seen a few attempts of this in the last few days, where phishers are trying out a new technique with people who have learned their lesson about filling out forms on a Web site," Cluley said. "They're hoping people will feel it's safer to fax back a form."

"It seems like a dumb way for the phishers to operate," Cluley added. "The authorities can easily track the phone number. But what isn't clear is whether they will get a (toll-free) number and then quickly dump it, or (whether they've) acquired the number using a false ID, or can have the calls transferred to a satellite phone somewhere outside of America."

E-mail-based phishing attempts may be getting less effective, though. As with other types of unsolicited mail, people are increasingly glossing over these messages as they troll through their inboxes, Cluley said. Phishers, as a result, are likely finding their mail-based efforts less fruitful.

"Trojans and worms are becoming more popular, because the information can be gleaned surreptitiously," Cluley said. "It's the way the trend is going."


Join the conversation!
Add your comment
Only idiots respond to such emails
So it's hard to feel sorry for them.
Posted by bobby_brady (765 comments )
Reply Link Flag
In order to reply to this story...
Please remember to include your credit card number, expiration date, and billing address in your post.
Posted by Harfeld Bilgewing (60 comments )
Reply Link Flag
Here is the requested data:
5674 7682 0923 9374
48573 Sucker Lane,
Fraudville, MS 94854

Oh, and the three digit security code on the back is 528.
Posted by hadaso (468 comments )
Link Flag
security and pricavy
someone need to know this..think so

<a class="jive-link-external" href="" target="_newWindow"></a>
<a class="jive-link-external" href="" target="_newWindow"></a>
Posted by (10 comments )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.