
Spoof emails not the goldmine they once were, says Sophos
Published: 12 August 2005 08:55 BST
Phishers have added a new lure to their tackle boxes: emails that ask people to fax sensitive information to bogus security investigators.
In a new scam, attackers are sending email warnings that appear to come from PayPal, security specialist Sophos said on Wednesday. These emails say that someone tried to reset the recipient's password and asks him or her to participate in an investigation.
The emails direct people to a Microsoft Word document hosted on a website and urges them to download the form, fill it out, and fax it to a toll-free number, Sophos said. The form asks for credit card information.
The new tactic comes as people are becoming more suspicious of emails asking them to fill out sensitive information online, said Graham Cluley, a senior technology consultant for Sophos.
"We've seen a few attempts of this in the last few days, where phishers are trying out a new technique with people who have learned their lesson about filling out forms on a website," Cluley said. "They're hoping people will feel it's safer to fax back a form."
"It seems like a dumb way for the phishers to operate," Cluley added. "The authorities can easily track the phone number. But what isn't clear is whether they will get a [toll-free] number and then quickly dump it, or [whether they've] acquired the number using a false ID, or can have the calls transferred to a satellite phone somewhere outside of America."
Email-based phishing attempts may be getting less effective, though. As with other types of unsolicited mail, people are increasingly glossing over these messages as they troll through their inboxes, Cluley said. Phishers, as a result, are likely to be finding their mail-based efforts less fruitful.
"Trojans and worms are becoming more popular, because the information can be gleaned surreptitiously," Cluley said. "It's the way the trend is going."
Dawn Kawamoto writes for CNET News.com
If you do not possess a valid UK work permit please visit our global website at www.capgemini.com) Locations: You must be prepared to be based in our ...
To obtain further particulars, an application form and further information about the Institute, please see our website at ...
To apply, please visit our website to download an information pack and application form. Different people doing outstanding work E- Learning Manager ...
CIO50 2008
The silicon.com CIO50 2008 profiles the most influential and innovative tech chiefs in the UK across all industries and organisation size, from the biggest FTSE100 companies to high growth dot-com start ups and the public sector. The list was voted on by the UK CIO community and a panel of experts. Find out more in our latest special report.
Stories from the web...
Copyright ©1995-2008 CNET Networks, Inc. All rights reserved. Top of page
Peter Cochrane Peter Cochrane's Blog: Is convergence a fiction? Or could it finally be happening…
Clive Longbottom Quocirca's Straight Talking: A game of two halves Microsoft Virtualisation scores while its SOA bores...