Posts tagged as:
This is an Important Notice to Kanoor Tech Readers about fakes e-mails from ofserv.alert@icicibank.co.in and so on .. which was notice with subject “ICICI BANK ACCOUNT NOTIFICATION”. It’s an Fake Notice to Steal your Bank Data..
The E-Mail i got today at 3PM with subject line “ICICI Bank Account Notification” Then i went through the e-mail there was the e-mail Description like below :
[click to continue…]
{ 2 comments }
A new, unique type of phishing attack targeted against online banking customers was recently discovered by the RSA FraudAction Research Lab. RSA has coined this as a “Chat-in-the-Middle” phishing attack and it is first executed through routine means but then presents a more advanced layer of perpetrating online fraud. The phishing attack may dupe bank customers into entering their usernames and passwords into an ordinary phishing site but the addition of a bogus live chat support window can obtain even more credentials via a live chat session initiated by fraudsters.
During the live chat session, the fraudster behind the attack presents himself as a representative of the bank’s fraud department and attempts to dupe customers who are online into divulging sensitive information – such as answers to secret questions that are used for online customer authentication. This attack is currently targeting a single U.S.-based financial institution.
Upon detecting the attack RSA immediately informed the affected financial institution and commenced a standard phishing attack shut-down procedure through the RSA Anti-Fraud Command Center and its RSA FraudAction service. (RSA cannot identify this bank in order to protect its security and privacy.) The attack is hosted on a well-known fast flux network for “hire” from fraudster to fraudster, which hosts a wealth of malicious websites such as phishing attacks, Trojans infection points, mule recruitment websites, and more.
[click to continue…]
{ 3 comments }
It would be easy to think that once someone has logged in successfully to Facebook—and not a phishing site—that the security threat is largely gone
Earlier this week, however, Trend Micro researcher Rik Ferguson found at least two—if not more—malicious applications on Facebook. (These were the Posts and Stream applications.) They were used for a phishing attack that sent users to a known phishing domain, with a page claiming that users need to enter their login credentials to use the application. The messages appear as notifications in a target user’s legitimate Facebook profile.
After entering the credentials, users would then be redirected to Facebook itself.
While Trend Micro has informed Facebook of these findings, users should still exercise caution when entering login credentials. They should be doubly sure that these are being entered into legitimate sites, and not carefully crafted phishing sites. The particular site involved in this phishing attack is already blocked by the Smart Protection Network.
{ 2 comments }
