Related Articles
Top Stories
Feb 13 2012 12:15
Miner Xstrata says it has brought forward maintenance on two furnaces to assist Eskom to save power.
Feb 13 2012 10:43
Although jobs were created, the economy is still 420 000 jobs short of the peak employment level before the 2009 global financial crisis, says Adcorp.
Feb 13 2012 07:58
Greek lawmakers have approved a new round of drastic austerity measures after a long day of street battles between police and protesters left dozens injured.
Johannesburg - The SA Banking Risk Information Centre (Sabric) on Thursday warned of a rise "phishing" attacks.
"We are presently observing an unusual increase in phishing
attacks across the industry and would like to warn bank clients to be extra vigilant," said Sabric chief executive officer Kalyani Pillay.
The worrying trend about the recent surge in phishing attacks
is that the phished information is now being used by criminals
quicker than in the past," she said.
The period between the compromising of banking customers'
information and its use had narrowed.
"We also observe an unusual level of persistence accompanying
the latest attacks. There are incidents where people are receiving the same phishing email daily," Pillay said.
"Phishing" involves criminals deceitfully obtaining bank
clients' personal information such as passwords, identity numbers and credit card details by sending emails that look as if they have been sent by banks.
Typically, phishing emails were sent to millions of bank clients asking them to click on a link to access information purporting to be from the bank or to update their details, Sabric said.
Instead, they were directed to a fake website which appeared
almost identical to the legitimate bank's website and were tricked into disclosing their personal information on bogus online forms on that site.
The criminals used the information to commit fraud.
The recent phishing attacks were made to resemble security
alerts from banks' online or security divisions and required more detailed customer information.
"The current crop of spam requires customers to confirm
information such as cellphone numbers and email details," said
Pillay.
"This is done purely for purposes of intercepting customers'
one-time-password (OTP)," she said.
They did this through cellphone SIM swaps or by asking bank
customers to confirm their OTPs immediately after accessing the
account with the phished information.
"Sabric advises bank clients to ignore any emails that require
them to provide personal information, even if the emails look
credible or seem to contain very useful information.
"Some of the spoof sites... contain what would appear, to
unsuspecting eyes, to be crime awareness information on phishing."
Pillay said it only took a few successes to make the attacks a
worthy and profitable undertaking for cyber criminals.
She said people who suspected they might have already responded
to emails requesting their personal information should immediately notify their banking institutions.
- Sapa