Caisse d’Epargne Customers, Beware!
- Monday, February 8, 2010, 2:58
- Threat Research
It seems that cybercriminals will really stop at nothing to further their malicious activities. Trend Micro fraud analysts received yet another spammed message obviously designed to catch unwitting Caisse d’Epargne, a French semicooperative bank, customers into their phishing trap.
Founded in 1818, with around 4,700 branches in France, Caisse d’Epargne is active in both the retail and private banking segments. It also holds a significant stake in the publicly traded investment bank, Natixis.
The spammed message informs customers that the bank found some problems with their accounts. It then informs the recipients that the bank needs them to fill in additional information by clicking an embedded link in the email to keep them protected. Clicking the link, however, redirects users to a phishing page that looks a lot like the bank’s official website.
As expected, the phishing site asks users to enter their personal identification numbers (PINs) to validate their accounts. There are, however, noticeable differences between the phishing site (marked in red in Figure 2) and the bank’s legitimate site (marked in green in Figure 3) if only users take time out to make sure they are not being victimized by wily cybercriminals.
In fact, the bank’s legitimate
Continue reading...
Phishers targeted Shaw Communications customers on April 16 with an email letter telling them that due to problems with spam, their passwords needed to be re-set. If the customer supplied the spammer with their password, a “default” password was promised in return. The email contained a threat that the customer’s Internet account would be closed if the email was ignored. This fraudulent email was sent from an address on the Verizon server.