Related Articles
Top Stories
May 27 2012 11:21
There's a price war raging between South Africa's cellphone networks after Cell C lowered the rates of its prepaid calls by more than 34%.
May 28 2012 07:53
The City of Cape Town has spent R175m running the Myciti bus service since the Soccer World Cup compared to an income of R35m, a report says.
May 27 2012 13:09
The oversupply of golf estates has claimed another victim.
Johannesburg - The SA Banking Risk Information Centre (Sabric) on Thursday warned of a rise "phishing" attacks.
"We are presently observing an unusual increase in phishing
attacks across the industry and would like to warn bank clients to be extra vigilant," said Sabric chief executive officer Kalyani Pillay.
The worrying trend about the recent surge in phishing attacks
is that the phished information is now being used by criminals
quicker than in the past," she said.
The period between the compromising of banking customers'
information and its use had narrowed.
"We also observe an unusual level of persistence accompanying
the latest attacks. There are incidents where people are receiving the same phishing email daily," Pillay said.
"Phishing" involves criminals deceitfully obtaining bank
clients' personal information such as passwords, identity numbers and credit card details by sending emails that look as if they have been sent by banks.
Typically, phishing emails were sent to millions of bank clients asking them to click on a link to access information purporting to be from the bank or to update their details, Sabric said.
Instead, they were directed to a fake website which appeared
almost identical to the legitimate bank's website and were tricked into disclosing their personal information on bogus online forms on that site.
The criminals used the information to commit fraud.
The recent phishing attacks were made to resemble security
alerts from banks' online or security divisions and required more detailed customer information.
"The current crop of spam requires customers to confirm
information such as cellphone numbers and email details," said
Pillay.
"This is done purely for purposes of intercepting customers'
one-time-password (OTP)," she said.
They did this through cellphone SIM swaps or by asking bank
customers to confirm their OTPs immediately after accessing the
account with the phished information.
"Sabric advises bank clients to ignore any emails that require
them to provide personal information, even if the emails look
credible or seem to contain very useful information.
"Some of the spoof sites... contain what would appear, to
unsuspecting eyes, to be crime awareness information on phishing."
Pillay said it only took a few successes to make the attacks a
worthy and profitable undertaking for cyber criminals.
She said people who suspected they might have already responded
to emails requesting their personal information should immediately notify their banking institutions.
- Sapa