Australian banks are fast in phishing scamsDate: March 17, 2006
Source: Australian IT
The bank's security response team detected the attack last Tuesday night and had shut down the sites by early Wednesday morning.
A bank spokeswoman said such sites usually took 24 hours to shut down, so the overnight turnaround had been very quick. The threat had not been classified as a major scam by the bank but deemed a "random generated email".
"It stood out as a hoax email as the language was clumsy," she said. Education on phishing attacks appears to be working.
The bank had received a number of calls from customers about the email but had not received any from customers saying they had responded to the scam.
No fraud losses have been recorded as a result of this attack.
Websense Security Labs Australia-New Zealand manager Joel Camissar said the attack was an example of a "rock phish".
Rock phishing kits were available on the internet and characterised by having /rock/ or /r/ in the URL path, followed by an alpha character. Quite often the letter after the /r/ matched the target name, for example: www.samplerockphish.com/r/b (for Barclays) and the sites were usually hosted in Asia.
Add comment Email to a Friend