General Discussion

[eBay - 'Please update your Ebay account information!']

FYI...more:

eBay - 'Please update your Ebay account information!'
- http://www.antiphishing.org/phishing_archive/06-24-04_eBay(Please_update_your_Ebay_account_information).html


Citibank - 'accounts@citibank.com'
- http://www.antiphishing.org/phishing_archive/06-23-04_Citibank_(accounts@citibank.com).html

 

[PayPal - "Verify and update your PayPal information"]

FYI...

PayPal - "Verify and update your PayPal information"
- http://www.antiphishing.org/phishing_archive/06-25-04_PayPal_(Verify_and_update_your_PayPal_information).html
25-Jun-2004

[eBay - 'eBay Update Information']

FYI...

eBay - 'eBay Update Information'
- http://www.antiphishing.org/phishing_archive/06-29-04_eBay_(eBay_Update_Information).html
29-Jun-2004

Visa - 'Protect your debit card from fraudulent online transactions'
- http://www.antiphishing.org/phishing_archive/06-28-04_Visa_(Protect_your_debit_card_from_fraudulent_online_transactions).html
28-Jun-2004

[Wells fargo - 'Your account at Wells Fargo has been suspended']

FYI...somehow, you just -knew- they were going to get another one in before month-end:

Wells fargo - 'Your account at Wells Fargo has been suspended'
- http://www.antiphishing.org/phishing_archive/06-29-04_Wells_Fargo_(Your_account_at_Wells_Fargo_has_been_suspended).html
29-Jun-2004

 

[The Anti-Phishing Working Group]

"Recent Phishing Attacks..." will be ongoing, and new advisories will be available here:

The Anti-Phishing Working Group

("The number and sophistication of phishing scams sent out to consumers is continuing to increase dramatically...The Anti-Phishing Working Group has compiled a list of recommendations...that you can use to avoid becoming a victim of these scams..."
- http://www.antiphishing.org/consumer_recs.htm )

[Phishing Attacks Linked To Organized Crime]

FYI...

Phishing Attacks Linked To Organized Crime
- http://www.securitypipeline.com/showArticle.jhtml?articleId=22104197&printableArticle=true
July 07, 2004
"Federal and state law enforcement have linked organized crime to phishing attacks that are increasing in both volume and sophistication. "There's a lot of activity in the former Soviet bloc, the Eastern bloc, Latvia, and Ukraine," says John Curran, supervisory special agent with the Federal Bureau of Investigation's Internet Crime Complaint Center. "It definitely looks like there are organized groups."...The U.S. Secret Service has also noted an increase in organized crime involvement in phishing...."With phishing attacks, the information goes global." The Anti-Phishing Working Group, an industry forum, reported 1,197 unique attacks in May 2004, up from 402 attacks in March..."Early on it was amateurs," Maier acknowledges. "There is still some level of amateurs doing this, but more and more this looks like the work of professionals. There are a number of attacks against Australian banks that point back to Asian gangs. And we can tell by looking at the nature of some of the attacks, the ones that use common elements and come back to common websites, that multiple attacks are linked." Making matters worse are hacker websites...that sell phishing starter kits. "There's a whole underground economy of trading credit card information back and forth and the tools for doing credit card fraud," Maier says..."

[Phishers Face More Jail Time]

FYI...

Phishers Face More Jail Time
- http://www.techweb.com/wire/story/TWB20040715S0004
July 15, 2004
"President Bush on Thursday signed into law a bill that stiffens criminal penalties for identity thieves, including those who purloin information electronically using phishing attacks. Known as the Identity Theft Penalty Enhancement Act (ITPEA), the new law sets punishment guidelines for anyone who obtains or holds someone else's ID-related information with the intent to commit a crime...The ITPEA's goal is to make sure that identity thieves don't walk away unpunished. It adds an extra two or five years, depending on the severity of the crime, to sentences, with the additional years served without the possibility of parole..."

[AIM Phishing]

FYI...

AIM Phishing
- http://isc.incidents.org/diary.php?date=2004-07-21
Updated July 22nd 2004 11:31 UTC
"Phishing is not just for e-mail anymore. A reader associated with antiphishing.org reported a new twist to this scheme that advertises malicious URLs via Instant Messaging. This scheme has been used a few times in the past to distribute viruses.
This new message reads "you have been sent a picture. To view it, Click here". In this sample, the 'From' address is four random letters. However, a 'trusted' name could be used.

It is important to understand that most instant messaging systems use only weak authentication schemes. Instant messaging is not a tool to exchange confidential information. Only few instant messaging systems allow for encryption and sophisticated authentication. If you need instant messaging to communicate confidential information, use a system which allows you to control the server and provides for encryption and reasonable authentication. Jabber is an example of a free package."

>>> http://www.jabber.org/user/

.

[USBank phishing email]

FYI...

- http://isc.sans.org/diary.php?date=2004-07-25
Updated July 26th 2004 02:30 UTC
"...We had yet another report by fellow handler Scott Fendley of a USBank phishing email. This site collected your personal banking information including asking for your password. The site brought up two webpages, the valid USBank web page and a second webpage that appeared to be from USBank asking you to confirm your information. The information was then posted back to the site where the request originated from. This was reported to the offender's ISP and USBank. Remember to always think before you click. Any request for your personal information that you were not expecting should be verified..."  

(...by -phone- contact!)

- http://www.antiphishing.org/phishing_archive/07-23-04_US_Bank_(Notification_of_US_Bank_Internet_Banking).html

.

http://boards.cexx.org/viewtopic.php?t=8216

Looks like a phishing scam to me.

[Your Daily Phish]

FYI...

Your Daily Phish
- http://isc.sans.org/diary.php?date=2004-08-01
Updated August 2nd 2004 01:25 UTC
"...A user submitted to ISC today another phishing email scam. This one wanted the victim to change their pin number. As a general reminder, keep in mind which email address, if any, you have given to your financial institution(s) and always verify before you update any information requested via email..."

"...Always verify before you update any information..." (hopefully, your phone is still in working order)
- Words of Wisdom

[On individual response to phishing emails]

FYI...

- http://isc.sans.org/diary.php?date=2004-08-04
"On individual response to phishing emails:
Phishing incidents are on the rise. The handlers are receiving more and more reports of suspicious emails...recommended response procedure is as follows:
i) report the email to the impersonated company’s abuse address (typically this is abuse@victimdomain.) Include a copy of the email and the full delivery headers. Their teams will use this information to determine the source of the email, and the location of the collection server.
ii) report the incident to antiphishing.org. They are scientifically tracking these incidents and organizing responses. ..."

.

[New phishing scam: Spoofed campaign site]

FYI...scams on the Web:

New phishing scam: Spoofed campaign site
- http://www.computerworld.com/printthis/2004/0,4814,95030,00.html

Phishing attacks on the increase
- http://www.pcw.co.uk/news/1157086
"Phishing rose by almost a fifth in June, with 1422 unique attacks reported to the Anti-Phishing Working Group. According to a report from the Group and security firm Websense, there were an average of 47.4 phishing attacks in June, up 19 per cent from 38.6 reported in May...Criminals have honed their methods of attack and are using executable code that copies key strokes in addition to sending the more conventional emails seeking personal details...'So, they've started to deploy executable code that copies all your key strokes that sends it to a server somewhere across the world. 'To drop it, they send an email that looks like you want to open it. They try and find a subject that is serious enough for you to open it and then drop the code into your machine'..."

[Do-It-Yourself Phishing Kits Lead To More Scams]

FYI...

Do-It-Yourself Phishing Kits Lead To More Scams
- http://www.techweb.com/wire/story/TWB20040819S0006
August 19, 2004 - By Gregg Keizer, TechWeb News
"Do-it-yourself phishing kits are freely available on the Internet, a security firm said Thursday, and they will lead to more scams sent to online consumers. “Until now, phishing attacks have been largely the work of organized crime gangs,” said Graham Cluley, a senior technology consultant at the U.K.-based security vendor Sophos...The problem's grown so far so fast that on Wednesday, the National Consumers League, the oldest consumer advocacy group in the U.S., said that this purloining of identity is now the fourth most common type of Internet fraud. To combat the scams, the NCL launched an awareness campaign to educate users about how phishing works, how they can protect themselves, and where to go for help. The group backed up the campaign with a new Web site:
- http://www.phishinginfo.org/

...Although Sophos isn't certain about the reason why scammers have started to distribute do-it-yourself phishing kits, it's possible, said Cluley, that they're doing it simply because they can...He recommended that end users be extra-wary of any messages asking them to confirm financial information. “Recipients of suspicious emails claiming to come from online banks should just delete them,” he said. “And certainly not click on the links contained within the messages.”..."

.

[New Scam Tactic Hits Online]

FYI...

New Scam Tactic Hits Online
- http://www.eweek.com/print_article/0,1761,a=135038,00.asp
September 13, 2004
"In the escalating clash between online scammers and security vendors, the attackers have once again developed new tactics that give them the upper hand in bypassing filters and infiltrating corporate networks...The new techniques, which experts began seeing sporadically earlier this year and in large waves in recent weeks, involve the use of a process called steganography, or embedding or hiding text in an image. In the most recent cases, spam and phishing messages have incorporated complex images containing text. In some cases, the image files include hidden code designed to exploit known vulnerabilities in e-mail clients and Web browsers...The most prominent example of the steganography wave is a recent variation on the ubiquitous Citibank phishing scam that attempts to lure recipients into disclosing online banking user names and passwords. Previous versions used text and images, such as authentic-looking Citibank logos and privacy seals. But versions that began surfacing recently are made up of one large image file containing all the text..."
- http://www.antiphishing.org/phishing_archive/09-02-04_Citibank_(Citibank.com_Maintenance_upgrade).html

.