Friday, August 04, 2006

Meta-phishing?

Phishers appear to be growing more imaginative, perhaps as a sign of growing consumer sophistication about their tactics. I have just received a phishing email that seems to play on phishing scam fears by asking users not to give information away, but then directing them to a website where they have to log in their personal banking details. The scam reads:

"Be on your guard - beware of fraudsters! Ensure that you are logging onto a genuine Barclays site and not being duped by scam emails. Take a look at Online Security to find out more.

Dear Barclays customer,

Like other UK based banks, we are currently seeing very large numbers of "phishing emails" in circulation. Many of these look as if they are from Barclays, typically encouraging you to click a link and type in your logon details. Such attempted frauds only work if you click that link, and you then type in your full security details and contact information.

Please remember: We never ask you to enter your Credit Card information and contact information on the Internet or over the phone. To learn how to protect yourself against "phishing" and other "identity theft" attempts, please spend a few minutes to upgrade to our latest security: CLICK HERE TO BEGIN

We apologize for the inconvenience and thank you for you co-operation."
Innovative or dumb? Still, there are statistics claiming that phishing is catching some users, so there may be people out there who fall for this.

No comments: