|
|
|
Phishers Spoof FDIC Site to Collect Card Info
By: Dennis Fisher
2004-09-23
Article Rating: / 0
There are 0 user comments on this Network Security & Hardware story.
An official-sounding e-mail, which touts a "new anti-fraud screening solution" and claims that most major U.S. banks are participating, takes users to a spoofed FDIC site and asks them to register their ATM, debit and check cards.A phishing scam that appeared Thursday claiming to help protect consumers against debit-card fraud and identity theft has experts worried about the increasing skill and creativity of online scammers.
The scam, which takes the form of an e-mail message, falsely claims that the FDIC (Federal Deposit Insurance Corp.) has created a new program to track suspicious activity on accounts linked to consumers ATM, debit and check cards. The message contains an authentic-looking FDIC logo and directs recipients to a spoofed Web site that anti-phishing experts say is located in China. Representatives from the U.S.-based Anti-Phishing Working Group have been working with officials from Chinas CERT (Computer Emergency Response Team) to take down the fraudulent site.
The text of the FDIC message is well-written, apart from two small grammatical errors, and it plays on the current raft of identity thefts and other phishing scams as a scare tactic to entice recipients into visiting the spoofed site.
"In cooperation with your bank and other major American banks, the FDIC has developed a new anti-fraud screening solution. This is an effort to prevent the recent surge in credit, debit card fraud and identity theft," the message reads.
"The system is an advanced neural network that scrutinizes card transactions and ATM withdrawals to deliver a highly accurate risk score by analyzing the spending behavior of each cardholder along with the profile of each merchant and ATM. It will try to detect and stop any suspicious or fraudulent ATM, debit or check card activity.
"Register with our ATM, debit and check card protection program and you can use your card to shop online, in a store, or withdraw money at the ATM, and youll be fully protected from unauthorized use of your card or account information. With FDICs Zero Liability policy, your liability for unauthorized transactions is $0—you pay nothing!"
 Click here to read about Symantecs new anti-phishing service.
The site to which the message directs recipients is virtually identical to the actual FDIC site and contains a further description of the fake protection program. The site claims that most major U.S. banks are participating in the program.
Once on the site, visitors are encouraged to register their cards.
"This is much better than the original FDIC scam and better than most of the ones we see," said Bill Franklin, president of Zero Spam Network Corp., based in Coral Gables, Fla., and a member of the anti-phishing coalition. "Its being blasted out there pretty hard. A lot of our accounts are seeing it."
Franklin said the quick cooperation of the Chinese CERT officials shows how much things have changed in recent months as officials around the world struggle to stop cyber-crime.
Check out eWEEK.coms Security Center for the lat-est security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
Be sure to add our eWEEK.com Security news feed to your RSS newsreader or My Yahoo page
|
|
�������x}r㶲s\@♵MR%ƶ,xMT(��S$�I~u~|�.dLb["�h4��y$3W7-gB]snS;sa@
Z.%w>;�(+o��1m�n�f](� _h���oL|N�შ���:#:D�.Rk2
�Z57�5'4o/Nne0S�-:Iq>)�N�մnI�>شQ�$�)q@�P.w@~T�h= \2�ITߦuB)~{Te䆡;��g?� CKt/"(?c&�c�?9;|'�fw^��B(ƻ�FՉziZg��dd
vu=yͨ�� /B1r!f-{74�ɿT݉[՛��L=iL�VG��;%0Ýtf?D���k>�NZ] Z�3ˆ辥{$�)5�= \o4QL1H��6}~8MZ� Q��K�68Q+)Kk0�~b[�4I�p\.* }=
:ҍ�}4�.j.9a�M �S
��P2zhN�t(`_�dY7;�Ͱ-P6CMT�jR?t~��,t�r�NeW47FsRU5MQ�� �?
n8u�h;ZCJ�y]J>�y�ES3�^_�wD_j�0QEVKY�/�ZH��gw�:�Q��ڟ�+̪/k*}k!�
�z��?lrK��,���.i�TW%32�eLCxY�$Y.�r{&:���C���j�ݖE�B_*D�\�KŗG)LY4C�� ! ,�2ɌS�Hu��t:���d9AcE'}6kiJu�V�!`FC�ܺm��49�(��蟩$�m�4�@r5�XSl �ROFo4'~ަ�,-|y"�b�r�ݠHPs>Χ+foF">��23y�B(&�pHq�b��&�μbO�yx>jY[6'jtamIiS_��ӲKwI�|IwNz߁)WI�C���EhYf7-vI��qM}sQU�1W*P\?,Ëʾ��b�(7ZdL��,��5,{Lt�p6� 0h��v?3�Ϩig89y��t$�AG61^�zK
ucj���>; ä��7X�8}Zc�O6�/|�\a���^탉�i$�>6(Z\?`�
V�Cf@B떂9��;�ޚA�"�Qފ]ӑ4�a���q�j =�*~s��=w}
�
�
@�l�߽5�#~[-[�Y6x�OA �(~9-WR���C/0t[t}JIIL"D%� R
h��4�A�G�EBEN�m�bo$H�XVph�T6ݞ�H:s'PT+esRأXB�Y�X/E_R�23#Cdɬa���X�91{M�f�T`"[ᛥLKa�k`FX,CMۯ!M{�:eXy@�}= 3ܲM҂%�Ll;!i`�3Ґ(e`9�ޟ�F�~Lh?wܰH}K�:�<�f3�35{80�q}�`] �k�2oiM3ˁ�2$vTD�>L˄Fr�6:{mQH0�8
uy�s3tNn~|X��FhIO3_hy>grGֶ-o� +� j�J=WsF���A|5
�i!sL&Ze�on<�Gy�5&㓫(\=PӔ�T3�1�8�FLyK
('SwFFJ�V�!zh'>eg�HuXKnuo?Jյpz1Tۥa]hk%�R�?���!d[�}aa6E]�QYRKHD@CR)ҵ�
ҊaY��^`(!� "x
ӡE~چzCTC��Sk�u
>�
XTM._`
}dҶ�Mj�٫ X37l�d �tA�qF�A͔`�AE�Ll5T� թz@�4�}&I;{\Omϐ|pP9��s?磔YTp�$4hS�*}a�5)403yb|F�ȸ�>qm?XĞ?x�8[�0,Y\��Ζ�']5�!@0mE�"�A`iNR}�
ز^z`��iAʫ�e�&-JjE)jB4'���i/#Y��/�m0ܱk]>aD�6#�BQZ>-B-g�� \�ipbZ�DZ��Lh�KgAqA0*L\y�.
+?�w�V�V0\�n�}��OДa˘;|qדNl*I�rIQ)�kMf�9oLI3ۊ�iȈ0Aq�_8R" @548�~�x� *�O$BZ��-�-UŨN=M�
=��7`q�0z��K&��O>qӞ�rFVyYBZa0O=ykR^K?N
aYj8+0yϹo��ǼL zN¢ -{h'^+0ZN�
*J#2ByQ�Yhw\rR2
S#<�~Ɋ0�
ClW��õ�]\Cc�+>L���u�O##c�Yd:w@�ݐ늦�?�K�+^W�"� V@Q�#�A\=�<
�`QtEa:NiCM��
PwA-~¿rZkB�Z'@
�u�(D���Q413�3b_@�7T_/=�"X썿9KC�b�QT�h^;p���ZN:��ӁZFB -Қ89k*=�~����o�#e�IF:#ݸ{r_�ȫ"w�sԷлMk�l���ޣ�0��6@yb#kUa�� bȈCzf�H|�~[q{?I
~9pTj�g�HUWt�<,#?�3q:FUU�;My�R̚,+C�jm>a,0r�]X��bbק�Ge7UE^y}Mqr`SR�h3 J@�F��$bw}�WszZ^{銿ðuN�Q��嵀��҈F��sz߽�_>QCrֽH^'�Kփ �w"Y�KrBV�ëG:KY5�6P���^S�(+RJ�"4FYO |�ڝU3��_f�}�Rt<~UrtPעo9Kj�}J_cNfo4��~ ѶP=8Y,rh縵vR�1?x�>��Cz?$Y^3_��{w j�Eާ�p�ZIS"�9oթ-xOӆO|�B�A�J;TLA:߄q?Ik�uYغ�[��̘pA3:%I��b 5m$jZ3fj�# $_:JI"v+hl(lA j�SÚ�mf�/.鞿ߺm|`��M`l)ZQ!|�Nr
a=nE�`e>R!G[yQb}�b%h4eW:Bzc'��?<��'|x!� �Ӣ_,�wuϏ5m_f�}GQ'�-gFq?Iȸ�t2Ti\'sX6
wѺB���?ݡC5VAkv,x\J�}[<,'�Mw[�G=r�٠sEZ��Q�W���$� tD#(o�Z7۸;�.zʜ(=}!G&zE>qF.Z��=w;o
e's�
CݿwA]iNw�7U�FᚎxZ
J�~l't6�D(jEWc{w#9�Ȫ̅S.R؉~'g#3^q:-: `�tH_ulFǵ�4/
Z2fP:;�G�qGe�cF0Xov}{�U"��t?h2i�~�J�]݅;icVD)]Kĵ"�v�KJIǫymQ�z�SD��D6Kh#iv.R�o�14�НLl*z>�-35&i� �1N:6;x5�t`��a�AXŀ0�Vo
lϸG
s�8<��O��euw#�S�'gSc3/HF#xk��y(6-lF�@|P����;a6
*|�b1�\<�e�OJWc#ZT>�9bH9ƍ
߹�X�a(%4�b�i4 ,UzϟHAN$I1%)v/
KKY/?_\�h5~:k*�I���ܺk�Qm4Dip'OY.`�{�fߍ
�.�Ý#H���[��!L��x ��6�cQ,u�P� Y0&0�g̑R.�SLCv({P6ϓ1'�Q"ɃΒA>u更Bb5=9e�xu�9}�NS^�>vc"QbC����ގ;ۊO-&9Njb�b�0@dc;-r-,WxTtIt+�r.U%!�r+,(�� yzI$Y/iMb7F/&";�YJ����Ae�BeX�i@5�x*=9:̐bBp�2�nS?�ZEϙ$�K)��2hM^�W+GE�pݢIo"~d$=lFLـ}�%$4��~��FםFR)齟ԆP��A/)�jFi
ԥ�aJ4�fL�۞�i�梓N|J#�?:k,T%?6tA� >�ea � #0%�t!G#J�=HJӟI�O!A /-_*y�eRRUIM�5x;%3��H��>�$̛��H�f�RR+)��P�B��{�
�P
z��&g�)^\5u`
!ئ '>7cªô�0GM؋�_$Euǐ{�f~V�_��M��v�7:hj�s%PtxiP�D}𨊤i�O奆�}'x|�xv\Meb�X `�IRsK��pGM��'� }+|^Ս٧MGV(1qu7+0��=#�CD�a�F���:b�JccL�Wݖ_JRߔ_j//-�dԊP�R?-S0ҧU28>�Ya��'1xq^+�< �X7����, /\.ޮb
>`��'|-ޮ/Em/<�}Kr��ȼ
�l-^N�ړYİO�wKb�%1Y~�Gj�w�OP5FC.0�PC��ѕřn.-^�/o4n[*�d�]�[G?dȍ=eO)�
x��-]gU;{�UQ/� �hFe!;O��Icb|�HGO�/
:â=$LBc%{4�3\0k�`��꤯�7v6F2L)K�QXcJ:*�5\?ԝ2ST#䉯-RH&o��k'��M!tql�r�x�t�$۱,ē;�~GD��bDݵ���⛤Z�/#�_B/o�7f.H�e
_M!�Aa[D0Ҍ��a��B6��7�}�uADq8�vaPz@Ym�Ӷx�UĠ�AɌ��BtM�Sc%5R)j~Az)XZbYE-c
2^Z!tOHkxj<�vlNz� ԣ:BM�Kw�TU"j�%�x#-5נ�)|9}nZbfģ
Zk�ah;Xÿ́k�j=!vc`�.қYv�JH�'*t}jh�ܻT�˴Jd�iYT¿CTj~Ew(/9{�W�yj]SjZYS#��({m9j�H]ZŎ*+ask"RbSP}ӂ"Z{2ֱ:�r�敊V.ի�;o?z#TXC>,f5�0Y>G�V$��؛�~vٹS�K�ʖ˳^�=jX:N#RF¯��9�̪ f=�]WT�P^�L�]=�#ZMIx�e5JZ|_#ƄsN(<�1�^+@ZB�B(YYv'
o.'G>��Vov/?VHzՕݷod}ext쐯J"��rG:-ei��*#:�&����):]Б�ܟޔjmO*oIgOn\4���}A6�ڄy���iǥ4�Y��gMr+oꎉ\ixcO�5�׀��g"xBW7�˽�}�D['ٍ�C>yhb#�����HB0\'u�=#�Yg0\*z(4`�u, <8�uE)�dVy�"O .cjV�ZC8ްn�?Ĉo8fkH�ג s��1��W�}e_a�!�9'p�h�\pr@Kd1L+2&�B�s�8���A_}&i[ք ၰ
�5"��
Bߝ�F$%֘� tkXaٌ�J*Q^e5DM@+:[ �[$GO!~ݾZ>Z��Aw��N|vuI9�.65BA5�^[�+�!z(8i67a\nq���4ħYx@z�B32[E�YN�(S�S~�Wˏ[�rʑ�@v'�ʏח�}Nr�>?BB;rʡݜ{S�C)�ח��05s�?���sCs<�s�<�AS(?)�#�sa|/r�"G~.`.rƯ��z_z9�2?.˜r�s������#���O9}�}ʡ5_�^55u�:Iʙ#gK\8=J��W
ͣ�~TA__�y+%IN>質�9�+f/_̡sTh3�*Я#Udnldҽ<
aq�ʍz�^S_xڙ閽pLڭe]�9hwp_l(%^a/��^敽< x�EB+�g�ٔ�@#X{#uO'NW6#�ﹺ�d^)WsU�}Ӊ{Z?Ś/�Yy<�qLkb�ȁ>lL4�(c#h��.Ǒrۿ剹?|�K2y��i8����Id|1@u4b�5V$G3x7X%05:�%�xl��Qf�]�r{^f$��mXv&w�ra`O�*{�q���A�nﺳc�X00wUW�-^AK5 D =b���k&-x��ÃBLSr(�pIi/�1�IB�
n`Z(>/A>=�!fI!�39L$���~giK-�x�=%4Id�`m�܀9�0r^��\�ɡ=�E�$>}T.I
5sE�Eב�E,&J =
B:ɄiȽ��M)˯��+�c{+1¢�_j
u/��ME^kυ�xsp��`��[�W ^{�#D3dƨ�z<�KM1rn��K:;33U)ւ�_./gз�ǁ/;K{KV9�(�(&�]�a1W%�$rfRV��\wц|7(6؋|%O'
Ͽay�H�O(t��&Iw`R�11��|�j;;�1�TeΝ[QYɶ��y
S�O~j]�O(#oݒ�珸6x��}�҂Ir(L/Tvy*3*>�% ,�1-i�%-"U`7g#�~*�3V��œA>h4M��(_ْk0�F?-H�ˍt�f_d%�\"d<�l[� +"���
�
KmӬ1s¥"UXJNR��X,8.� kliw)Q��.�9�1�"u�z ��?[���<-v;�#
+_2q
V`WH{Xi[��1RpCV)�tO�ߋ��CVt3#W5`/��=H�_�(|9N]RjãÍGX�Ǹ��[)�Iy>p <Щ0T\bX%e�܌�uFEm�hT4X�%*l+S7�
�)/߶S7qݼ¶"yX]�A\'X3'5ȱ
ya1 g�{y�{~k�#'>�gsx>YʐLW\ȏ,,�L[Z']ZD!hXr���E"O
�q~ m��f�K#f��E [�Rj2
19,f@�xI1%h3l䣈mAb�?�åk[�)��,�c{`yO�|�/F"@�Ԃ'g"e��})IDy�)/�́/�P>I&g\9ƕEy�@Xqө8Yo�>u.)Zw�Byһ�H'��RI>Q�}��v4:~v҉�.3J�bq')tߟ��V��zW X7u㆗�?}hKQE�e遢%!ڝ,��!ջlxY�0�m\}!l4{n&_1�!�?[e6TRA$ᑭ7}M1�uc*d_)K�]jq[OEQj)lئdTi2�9J{)
qU˕4>S!v�7v6̈́
В��]&ŮM�v�bes�'��
|
Network Security & Hardware 
