Fin24

'Scary' phishing attacks on the rise

2011-02-07 08:33

Johannesburg - Phishing attacks targeting South African bank clients have more than trebled over the past four months, according to the Kaspersky software security company.

“Phishing” is a subterfuge by which bank clients receive emails asking them to provide information about their bank accounts – ostensibly at their bank’s request. The criminals then use the information to withdraw money illegally from accounts.

Kaspersky said it had intercepted more than 209 million network attacks during December and neutralised over 196 malicious programs.

According to David Emm, a senior Kaspersky researcher, it’s frightening to see how credible these emails are, particularly the false tax-repayment emails or requests to log into a particular bank account to confirm a user’s information.

These emails look exactly like emails sent by the genuine organisations themselves.

- Sake24

For business news in Afrikaans, go to www.sake24.com.

Comments
  • e - 2011-02-07 11:35

    I fully agree with this article, it is really scary to see how sophisticated and original the phishing e-mails are! As an IT professional, I can immediately see that an ordiary person will not be able to tell if it is genuine or not. Best advice is, DO NOT REPLY TO ANY E-MAILS, rather go to your Bank personally.

  • spam - 2011-02-07 13:24

    I receive emails at least once every day from "Nedbank", "ABSA" and "FNB". Various scams to try and get me to enter my account details. This has been going on for months! Can't the banks trace the originating mail server and have the mails stopped? I can't block the mails as they come from different addresses each time. While I'm on the subject, does anyone else get daily mails from a company offering Viagra at discount? How do I get rid of these mails!? Also come from a different address each time.

  • Lily White - 2011-02-07 13:58

    The problem began when banks in their greed started selling client details to marketers.Sadly in this country, the consumer is never protected, so they can always get away with it.

  • Derrick - 2011-02-07 14:21

    I also agree. Everyday I get about 4 mails from the "banks" requresting my details and it's only started up in the past few months. They look very authentic. I've reported it to ALL the banks, so hopefully they tracking the guys down.

  • Dominique Troch - 2011-02-07 14:37

    Why don't the banks provide a hardware "digibox" to their on-line banking clients? As done overseas. This is the best to fight phising. Much better than the client PC software suggested by the banks. On top of still leaving you vulnerable, it smothers your PC.

  • Also fed up - 2011-02-07 18:46

    @Spam - I have exactly the same problems as you have and also the Viagra email. I jst sort and delete as there appears no way to stop this rubbish. I have never been targeted by spam emails but after applying for an access bond at ABSA and stupidly giving my email and cell number I've had a continuous stream of rubbish. To everyone out there - be very careful who you give your details to - it causes a tremendous amount of problems later.

  • Garth - 2011-02-08 07:38

    I love taking a snipe at the banks, but sadly, they are not to blame in this instance. You will note that you get these phishing emails supposedly from every bank including SARS, Western Union etc because email addresses are harvested en-masse from the web. We have reduced the occurrences with a dedicated free email address for our banker which never gets posted anywhere on the web and by blocking mail on our server from all banks, SARS etc. A quick check is to run your mouse over the hyperlink and note the URL that pops up…invariably it is not the bank’s URL.

  • B - 2011-02-08 08:49

    I fully agree with all suggestions and would like to add that once forwarding the return file path headers of the sender to the different fraud departments the service provider of the originating address take responsibility to block these efforts.

  • Al - 2011-02-10 14:12

    The dead giveaway for these phising attempts is that you bank will NEVER send you an email with a link in it which will require you to log into your bank account. So, if there is a such a link, its an attempt to get into your bank account. What works best if you work in Outlook is to select "Block sender" once you have opened such an email. The mail will then be placed in your junk mail folder. If you continually block these mails, including the Viagra ones, 9/10 of them will eventually go straight to your junk mail folder where you can delete them all in one go whenever you wish to do so.

  • Colin - 2011-02-11 08:51

    The Banks say they will never send you an email asking you to click on a link however Standard Bank send out their card statements asking you to do just that . You need to click on an attachment to open your statement . I received a very genuine looking email last week saying "card statement" that turned out to0 be phishing . I reported it to the Bank who did not respond .

  • amajuba - 2011-02-14 10:59

    I do not have the IT skills to do any thing to my PC. can I ask the bank to protect my email? We, the elderly are at risk and I 'm now concidering cuting up my cards and going back to writing cheques. Backward step, but safer?

  • john - 2011-02-16 14:07

    The question I have is where they get my email address. I have a yahoo and g-mail address and I only get emails to the one I registered with the bank. And I only get ones from the bank I actually use. If they send out random emails i should get emails for different "banks" and to both email addresses.

  • pages:
  • 1