23 Nov 2009

An interesting spoof

We have heard of the Nigerian lottery e-scams, Spamming etc. We usually assume that only lesser knowledgeable mortals might fall prey to such schemes. But times have improved and so have the scamsters. One really needs to be alert while dealing with any financial transaction online.

Recently, I logged into my mail account to find an interesting mail. Usually all such mails get the deserved treatment - "Send to Trash". But then this one interested me. Here is a screenshot of the supposed mail.

Thankfully it seemed to have originated from a bank that I have no account with. And it claimed to need my account login to rectify some online account flushing problem. So cleverly worded. Not a hint of asking for a password or login-id but indirectly commanding you to follow the link so that the problem can be resolved. Even asking you to use Firefox Thats classic ! Enough to even bait the unthinking open source evangelist ;-).

This mail reflects genuineness & exudes confidence in the way its drafted. It even has the corporate feel to it. What if I really had an account with the said bank ? Anyway I followed the url to analyze how the spoof site functioned. Sadly the Login URL seemed to hit a dead link. However I'm amazed ! It would have definitely garnered a few target victims before someone discovered the spoof.

The art of phising on the web really seems to be in good form and we must caution everybody against performing e-transactions without first checking the details. Modern browsers have sort of features enabled to prevent such attacks. Still its better to be wiser and more updated in the first place.

No comments :

Post a Comment