Caisse d’Epargne Customers, Beware!
- Monday, February 8, 2010, 2:58
- Threat Research
- 10 views
It seems that cybercriminals will really stop at nothing to further their malicious activities. Trend Micro fraud analysts received yet another spammed message obviously designed to catch unwitting Caisse d’Epargne, a French semicooperative bank, customers into their phishing trap.
Founded in 1818, with around 4,700 branches in France, Caisse d’Epargne is active in both the retail and private banking segments. It also holds a significant stake in the publicly traded investment bank, Natixis.
The spammed message informs customers that the bank found some problems with their accounts. It then informs the recipients that the bank needs them to fill in additional information by clicking an embedded link in the email to keep them protected. Clicking the link, however, redirects users to a phishing page that looks a lot like the bank’s official website.
As expected, the phishing site asks users to enter their personal identification numbers (PINs) to validate their accounts. There are, however, noticeable differences between the phishing site (marked in red in Figure 2) and the bank’s legitimate site (marked in green in Figure 3) if only users take time out to make sure they are not being victimized by wily cybercriminals.
In fact, the bank’s legitimate site even has a security warning (marked in green in Figure 4) to all of its customers regarding the said phishing attack since January 28.
...Read the original story
