Phishers Target Mobile Service Providers

In July 2010, Symantec observed phishing sites that spoofed the legitimate brands of mobile service providers. (The legit brands are based in the UK and Norway.) Fraudsters are always looking for new techniques with which they can steal customers’ sensitive information for financial gain. With these particular phishing sites, phishers were attacking the telecommunications industry to access customers’ bank accounts.

The phishing sites were circulated by means of spam email messages. Various subject lines were used in an attempt to lure customers—most of the subject lines were related to the customers’ mobile billing statements. In this example, the phishing site stated that the customer had to confirm his or her billing information due to a recent change in contact details. Upon entering the login credentials, the page asks for sensitive information, including contact details, driver’s license details, and credit card information. After the sensitive information is entered, the page stated that the billing department would verify the (continue reading...)