Computer Crime Research Center

hack/hack35.jpg

Online scammers target NAB

Date: December 26, 2005
Source: The Australian
By: James Riley

Internet fraudsters have targeted National Australia Bank customers over Christmas with a flood of hoax emails designed to trick account holders into revealing their internet banking details.

NAB has called for help from the Federal Police's Australian High Tech Crime Centre to track the source of tens of thousands of hoax emails sent to internet users. Known as "phishing", this type of scam is a major contributor to Australia's $1.2 billion online crime industry being operated by sophisticated organised crime networks, according to the Australian Computer Emergency Response Team (AusCERT), which tracks viruses, hacker attacks and online fraud.

The latest hoax email contains a legitimate-looking NAB letter requesting that customers forward their account number and passwords to the bank so it can proceed with a "planned software upgrade".

When opened, the email also deposits a "Trojan horse" virus on the customer's computer that tracks keystrokes, sniffing for sensitive security information such as passwords and banking details.

AusCERT general manager Graham Ingram said the most alarming part of the latest attack on NAB was the attached "keyboard logger" virus, highlighting the increased sophistication of phishing scammers.

The hoax emails had been sent over the Christmas holiday period, when banks were closed and customers less likely to call to clarify the authenticity of the email, Mr Ingram said.

"The guys behind these scams are not amateurs, they are highly organised criminals," he said. "This (cybercrime) is a billion-dollar industry that's come out of nowhere. People don't realise how bad it is - and it's going to get worse."

NAB spokeswoman Mikala Sabin said the first hoax emails appeared last week, after which the bank warned customers on its website and referred the matter to the AFP.

Ms Sabin would not reveal how much money was lost each year to hoax email scams, but said the bank would continue to reimburse customers who fell victim to the phishing scammers.
Original article



Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo