Experts warn against criminals posing as online companies

Source: DallasNews.com
By WALT ZWIRKO
Date: June 19, 2003

We're already inundated with high-tech jargon, but here's a new term to digest: "Phishers."

Phishers are criminals who send out e-mails "phishing" for personal information from unsuspecting Internet users.

Here's an example that surfaced in the past few days: Stop Cybercrime

A message purporting to be from "Sean Wright" with "Earthlink Billing Department" asks its recipient to connect to a Web site to supply personal information -- information that is "temporaly" unavailable. Misspellings like this are often a tip-off to these schemes, security experts say.

Clicking on the supplied link brings up a Web page with fill-in blanks that looks suspiciously like an official EarthLink site, complete with the company's logo and links back to legitimate pages.

This page is seeking just about every bit of information you're willing to give it, including your mother's maiden name, your credit card number and your "driving license" information.

"The criminals are becoming more and more savvy about getting around computer security," said FBI Cyber Division spokesman Bill Murray. "When they can't penetrate the computer itself ... the next logical step is through social engineering to enable them to get the data that they're after."

After seeing a report about "phishing" on WFAA-TV (Channel 8), one viewer said she had received the same mail from "Sean Wright," recognized it as fraudulent and reported it to EarthLink's spam abuse department.

In another example, an electronic mail message from "Jammie Shalna" tells the recipient that BestBuy has received an order on its Web site that was made "using your personal credit card information." The message asks the recipient to "visit a special Fraud Department page at our web store where you can confirm or decline this transaction."

While the e-mail message provides a link engineered to imply that it goes to the BestBuy.com Web site, the user is instead directed to a page at "digitalgamma.com" designed to mimic a BestBuy page. Clicking on a link to dispute the alleged payment brings further pages seeking Social Security and credit card numbers.

This scheme is so sophisticated that it actually forces the user to enter a valid credit card number based on a computation involving that number.

EarthLink spokesman Jerry Grasso said his company is very careful about asking for credit card from a subscriber. "EarthLink will contact them and direct them to a URL at myaccount.earthlink.net which will require a customer's e-mail address and password to sign in, and then another set of account maintenance passwords to ensure the optimal amount of security," he said.

The bogus "Earthlink Billing" Web site was shut down shortly after it appeared, but it won't likely be the last attempt to access personal information with the help of the victim.

"We suggest that if anything seems remiss, that you contact your provider as soon as you are able and alert them to this issue immediately," Grasso said. "Do not respond to the inquiry/request for information."

"We can't stress enough vigilance on the user's part," the FBI's Murray said, adding that computer users should install personal firewalls and anti-virus software to guard against intrusion.

"We have the tools we need to go out and catch the bad guys," Murray said. "One of our biggest roadblocks is the not reporting of a cybercrime."

He said suspected computer crimes can be reported to the Internet Fraud Complaint Center online or to any local FBI field office

Original article: http://www.dallasnews.com/localnews/stories/061903dnmetphishers.523a6ed.html

^macro[showdigestcomments;^uri[];Experts warn against criminals posing as online companies]