Biting the hand that feeds IT
Biting the hand that feeds IT
|
|
Original URL: http://www.theregister.co.uk/2007/09/26/verified_by_visa/
Fraudsters have begun garnishing phishing emails with claims that punters need to respond in order to enrol in the Verified by Visa programme.
Verified by Visa is a legitimate service that adds an additional layer of security to online credit card transactions. Anyone using a card enrolled in the programme needs to use a password in order to complete a transaction.
ID thieves are constantly looking at ways of making scam emails more plausible, so it comes as no great surprise that the new Verified by Visa scheme has begun to appear as a topic in phishing emails.
"Your Bank of America card has been automatically enrolled in the Verified by Visa programme," one version of the scam email says, the Better Business Bureau reports (http://www.consumeraffairs.com/news04/2007/09/visa_scam.html).
"To ensure your Visa card's security, it is important that you protect your Visa card online with a personal password. Please take a moment, and activate for Verified by Visa now."
Links in the email go to bogus sites, under the control of hackers, where prospective marks are prompted to enter their credit card information. Bank of America has many customers, so the chance of hitting the inbox of a genuine customer, even allowing for the scatter-shot approach favoured by scammers, is much higher than it would be for a smaller bank. And Bank of America customers are, of course, more likely to fall for the ruse than those who aren’t.
The email ends with a threat that punters who fail to respond to the ruse might find their card temporarily disabled. Such threats are a "dead giveaway" that the emails are part of a scam, the Better Business Bureau adds. ®
UK punters lose faith in phished brands (26 November 2007)
http://www.theregister.co.uk/2007/11/26/uk_phishing_survey/
New emails address you by name, then try to hose your PC (21 November 2007)
http://www.theregister.co.uk/2007/11/21/targeted_email_attacks/
World's most gullible supermarket chain falls victim to online scam (29 October 2007)
http://www.theregister.co.uk/2007/10/29/supermarket_online_scam/
US phishermen trawl UK waters (18 October 2007)
http://www.theregister.co.uk/2007/10/18/phishing_trends/
Indian police academy hosts phishing site (9 October 2007)
http://www.theregister.co.uk/2007/10/09/indian_police_academy_phishing/
Unsung software developers behind rise in online fraud (17 September 2007)
http://www.theregister.co.uk/2007/09/17/sysmtec_internet_threat_report/
Germany nets ten phishing suspects (14 September 2007)
http://www.theregister.co.uk/2007/09/14/germany_phishing_arrests/
Attackers turn Bank of India site into malware bazaar (1 September 2007)
http://www.theregister.co.uk/2007/09/01/bank_of_india_website_takeover/
Russian phishers loot $500K in two-year hacking spree (2 August 2007)
http://www.theregister.co.uk/2007/08/02/turkish_trojan/
Italian police net 26 in phishing takedown (16 July 2007)
http://www.theregister.co.uk/2007/07/16/phish_chip_arrests/
UK credit card fraud down to £209.3m (7 November 2006)
http://www.theregister.co.uk/2006/11/07/credit_card_fraud_stats/
© Copyright 2008