Computer Crime Research Center


Phishing details

Date: July 29, 2005
Source: Computer Crime Research Center

On the morning of May 19, South Africans around the country began receiving emails, purporting to have been sent by Standard Bank.

If they were customers of Standard Bank, the email asked them to click on a website, where they would be urged to update their banking details.

It was a classic "phishing" attack - as well as South Africa's first major experience of the phenomenon - and involved a sophisticated global syndicate operating through at least four countries.

"The attack was traced to an email sent from Seoul, South Korea, to South Africa, which was to recruit runners for the operation," said Herman Singh, Standard Bank's director of technology engineering.

The runners, he said, thought they were getting involved in a legitimate business venture. They would be used instead to launder money through the use of their accounts.

"The syndicate, after compromising a customer's account, would move money from the customer's account into the runner's account. The runners would then wire the money to the syndicate," said Singh.

While no Standard Bank customers lost money in the attack, other financial institutions around the world were not so lucky.

"In Australia, a phishing attack cost banks about R100-million," said Singh.
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo