A Counting School - Hardcore Chartered Accountancy

since 1494

News

"Hardcore Chartered Accountant" does have a nice ring to it

Receive Email Updates

ACS & www.krupo.ca

Other good places

Timesinks

Fresh petty bank fraud online

This summer saw a rash of phishing attacks on customers of TD Canada Trust.

Opportunistic crackers suckered people unfamiliar with the Internet into giving away their banking information.

The gist of the scam is like this:

  1. "Someone is attacking your bank account."
  2. "Please go to our website to confirm your information."
  3. "Then you'll be safe." 

The scam is as brilliant as it is insidious:

  1. Yes, someone is trying to attack you. It's the person who just sent you that e-mail.
  2. The website they're sending you to will look identical to your bank's site.
  3. They'll take all the money out of your account as soon as they can or they'll extract all the information you give to commit identity theft, opening new credit cards accounts and other financial instruments in your name, ruining your credit card record.

There are at least three things anyone going online should know:

  1. Your bank will never contact you by e-mail and ask you to share information or click on something.
    • Never ever ever ever. If you think I'm wrong, call them and ask them prove me wrong.
    • Don't use a phone number from the e-mail (should a scammer ever get that resourceful!) - print it out and take it to your local branch if you don't know where to call. I'm not sure if your branch is the best place, given the fact you have a bunch of high school kids working the wickets - though I'm probably being unfair, they could likely point out it's a scam better than some folks - but the manager or someone clever there should know!
  2. The website address will often have the bank's name. And that means absolutely nothing. Using very basic computer code they can hide any link to a website with 'safe' looking words. Don't assume www.live.com will take you to Microsoft Live, because I can easily make it go to Google, Altavista, or Microsoft's search pages. I'll add another note regarding this at the end of this post.
  3. Read carefully - note the spelling and grammar in the e-mail. Although it may not necessarily prove it's a scam, I'm amused and amazed by the number of typos you'll find in these scams. It's as if the scammer is taunting you - if you fall for their scam, they can laugh at the fact that you believed your bank would send such a poorly written e-mail. I've included a very fresh example at the end of this post. Enjoy the number of letters "e" in the word "speed" and this gem of a phrase: "to combat the fraud from our community."

What? "From our community"? Sadly, it's hard to tell whether it's a case of Engrish, deliberately poor writing, or the sign of a subpar command of the English language from a native speaker.

Either way, take advantage of those mistakes to protect yourself if you forget everything else I just said.

And yes, if you already know this, good for you. I wrote this as a reference material for anyone doing the smart thing, and trying to learn the Right Thing in case they're trying to answer the question, is this a phishing attack? Is this legitimate? Is someone trying to scam me?

Yes they are. This post will be useful if it helps even one person avoid getting swindled - if I got this piece of spam, others also got it.

For the record, the most recent attack looks like this:

Bank of America <noreply-mail@google.com>    

Dear Bank of America client,

You have received this email because you or someone had used your account from different locations.For security purpose, we are required to open an investigation into this matter.

In order to safeguard your account, we require that you confirm your banking details.

The help speeed up to this process, please access the following link so we ca complete the verification of your Bank of America Online Banking Account registration information.

http://211.72.75.244/icons/www.bankofamerica.com/sslencrypt218bit/online_banking/


If we do no receive the appropriate account verification within 48 hours, then we will assume this Bank of America account is fraudulent and will be suspended.

The purpose of this verification is to ensure that your bank account has not been fraudulently used and to combat the fraud from our community. We appreciate your support and understanding and thank you for your prompt attention to this matter.

Lastly, extra information concerning point 2 above - note where www.bankofamerica.com appears above. See that there's a number in front of the address? That's a dead giveaway that the link is a fake.

Every address on the internet - even www.steeplemedia.com actually represents a series of numbers. 211.72.75.244 is but one out of billions. If there's anything appearing in as an address other than the bank's true website name in your address bar, be very wary.

Posted: Sep 12 2007, 08:44 PM by Krupo | with no comments
Filed under: ,