Customers of an Italian bank were lured into a phishing scam with promises of mobile phone airtime credits, according to a blog post from analyst Mathew Maniyara on Symantec’s Connect blog.
According to Maniyara, phishers posing under the guise of
an Italian bank, are using a U.S.-based Web site to lure customers, claiming an additional 40 Euros would be added to their mobile phone account in return for providing their personal information.
The site of the unnamed bank took advantage of “typo squatting” – using a domain closely related to the actual bank’s Web domain, Maniyara said. After victims stumbled upon the site, which was modified to look like the log-in page for the bank, and
took the bait, they were asked to enter their banking credentials, mobile
service provider and mobile password to be owned.
It’s the latest in a long line of phishing attacks, which by
year’s end could
sting U.S. businesses alone to the tune of $1 billion. FBI Director Robert
Mueller stopped banking online completely after almost
getting duped by a similar scam in 2009. This isn’t the first and clearly
won’t be the last attack of its kind as attackers continue to invent new ways
to entice targets online via fraud.
