Darryl Lyons’ Blog

AJAX, ColdFusion and Web technology…






Only the stupid fall for phishing?

18 June, 2006 (09:53) | Phishing | By: Darryl Lyons

At least I used to think so. The old phishing attacks we used to get were pretty easy to spot. The spelling was bad and the presentation was awful. However, the perpetrators have been getting more sophisticated and employing sneakier methods.

Take this email I just received. It warns me that my Commonwealth Bank account is about to expire. Now, I’m not a Commonwealth Bank customer, but a lot of Australians are. I would be surprised if some of those customers didn’t fall for this one. The email looks genuine enough.

[Image: Phishing Email]

If I follow the link, the Web site itself actually looks exactly the same as the Internet banking login page (minus a few minor differences) for the bank.

[Image: Phishing Web site]

I wonder how many of their customers will fall for this one? I think a few will, and that’s all they are banking on.

Comments

Comment from Weyert de Boer
Time: June 18, 2006, 9:59 pm

Like a bank will e-mail that your account will expire; such things should only be done through regular mail. I always ignore such e-mails…

Comment from Darryl Lyons
Time: June 18, 2006, 10:22 pm

I agree. But they must get some people, otherwise they wouldn’t do it.

Comment from JunJun Ringo
Time: June 18, 2006, 11:21 pm

This is why it's so bad that so many banks immediately put you into fullscreen mode minus the address bar when you first log in. ANZ are guilty too. You should be able to see the URL is the correct site at all times.

Comment from Darryl Lyons
Time: June 19, 2006, 5:34 am

Actually, that’s a good point. The bank in this post are also guilty of this.

Comment from Michael
Time: August 30, 2006, 12:20 am

I’m a fan of email and not a fan of regular mail. I will never follow a hyperlink within an email. I’ll always go to the homepage and log in from there.

Comm. bank had better send a mailing to alert its bankers of the fraud attempt.
