PHISHING SCAM

AFP probes ISPs over phishing

by  Andrew Colley
APRIL 11, 2006

 

THE Australian Federal Police have visited a number of Australian ISPs as part of an investigation into a phishing scam targeting a US bank, a Canberra-based web-hosting provider has revealed.

The internet provider's general manager, who asked not to be named, told The Australian that he contacted the federal authorities after hackers took control of two of the company's Linux servers and used them as part of a phishing scam.

"I realised something was going wrong when I started running out of bandwidth and I was trying to work our where it was all going," he said.

He confirmed that representatives of Australia's High Tech Crime Centre visited the hosting provider last Thursday and took information held on the hosting provider's servers.

A spokesman for the AFP said the agency was aware of the internet provider but declined to comment on operational matters. He added that the AFP was regularly called on to investigate phishing reports.

Phishing scam operators send thousands of spam emails purporting to be banks, hoping to lure unwitting internet users to their mock online banking sites in the hope of harvesting their login details.

The hosting provider's spokesman said that, in this instance, the phishing scam targeted Citibank customers.
A spokeswoman for Citibank said the bank was still investigating the issue when contacted late yesterday.
"We're continuing to investigate this particular matter," she said.
"In this instance there were some 7000 emails sent out," the web-hosting provider's spokesman said.
"There were 900 people that had a look at the page and didn't enter information and 38 people that were silly enough to enter their details and have it sent off," he said.

In this case, the 38 victims sent their banking details to an email address in Romania, he said.
The internet provider's spokesman said he was aware of at least three other internet providers in the Canberra region that had also been visited by representatives from the AFP's Australian High Tech Crime Centre.

"I'm not keen to advertise that the security on my gear was not up to scratch and allowed this to occur.
"I've now increased that security and loaded new versions of the programs that have these exploits.
"There is just so many hours in day and I can't be sitting on the machines 24 hours, seven days a week to be able to keep up with them."

Citibank reminded customers to be wary of emails purporting to originate from banks.
"We advise all our customers to instantly delete such emails, to ignore it and to avoid clicking on any links to websites."

The Australian

 More