Story URL: http://news.zdnet.co.uk/internet/ecommerce/0,39020372,39175029,00.htm
Phishers set to hook festive haul
Reuters
Reuters
November 25, 2004, 13:55 GMT
As the holiday shopping season ramps up, cybercops have warned that online fraudsters are working overtime.
Analysts from the Global Threat Command Team at Web and email filtering company SurfControl said phishing attacks -- spam emails in which scammers lure people into divulging personal or financial information -- are becoming increasingly sophisticated and growing at a month-over-month rate of 20 percent to 25 percent.
Prior phishing scams were somewhat easy to spot. Either the lure was rife with misspellings, or potential victims clicked on links that routed them to ersatz sites that tried to appear legitimate but didn't look quite right. But new scams are more sophisticated and harder to identify as phishers employ spammers, hackers, virus writers and Web designers.
"'Tis the season when people will be most vulnerable to such scams," said Susan Larson, SurfControl's president of global contacts.
In one of the latest attacks, a phishing email claimed to be confirming an eBay purchase made through the Web auctioneer's PayPal online payment system. The email, which requested information that could be used to steal money from the victim's bank accounts or credit cards, was fraudulent.
Others look more innocuous but contribute to the problem.
One offers to send children a Christmas greeting from Santa in exchange for home or email addresses.
Another asks for similar personal information and promises participants a $200 gift card from Macy's department store.
Larson said the latter cases are probably examples of groups that are harvesting live email addresses to sell.
"There is no Santa Claus coming to you this season on email," she added.
Larson said consumers should continue to be very wary of unsolicited email. She and others reiterated their recommendation that consumers never give out personal or account information by email.
If consumers need to respond to an email information request, Larson recommends that they go directly to the site themselves and that they avoid following links provided in email.
Phishers set to hook festive haul
Reuters
Reuters
November 25, 2004, 13:55 GMT
As the holiday shopping season ramps up, cybercops have warned that online fraudsters are working overtime.
Analysts from the Global Threat Command Team at Web and email filtering company SurfControl said phishing attacks -- spam emails in which scammers lure people into divulging personal or financial information -- are becoming increasingly sophisticated and growing at a month-over-month rate of 20 percent to 25 percent.
Prior phishing scams were somewhat easy to spot. Either the lure was rife with misspellings, or potential victims clicked on links that routed them to ersatz sites that tried to appear legitimate but didn't look quite right. But new scams are more sophisticated and harder to identify as phishers employ spammers, hackers, virus writers and Web designers.
"'Tis the season when people will be most vulnerable to such scams," said Susan Larson, SurfControl's president of global contacts.
In one of the latest attacks, a phishing email claimed to be confirming an eBay purchase made through the Web auctioneer's PayPal online payment system. The email, which requested information that could be used to steal money from the victim's bank accounts or credit cards, was fraudulent.
Others look more innocuous but contribute to the problem.
One offers to send children a Christmas greeting from Santa in exchange for home or email addresses.
Another asks for similar personal information and promises participants a $200 gift card from Macy's department store.
Larson said the latter cases are probably examples of groups that are harvesting live email addresses to sell.
"There is no Santa Claus coming to you this season on email," she added.
Larson said consumers should continue to be very wary of unsolicited email. She and others reiterated their recommendation that consumers never give out personal or account information by email.
If consumers need to respond to an email information request, Larson recommends that they go directly to the site themselves and that they avoid following links provided in email.