Russian criminals go "phishing" in UK bank scams

A criminal element from Russia may be responsible for the recent spate of spoof emails that have attempted to con online-banking customers into revealing their account details.

Over the past month, Internet banking customers of Barclays, Lloyds TSB, Halifax and more recently, NatWest, have received emails that appear to be from their bank, asking them to confirm their personal details. The emails contain a hyperlink that takes the unsuspecting user to what looks like their bank's official Web site, but has actually been set up by a third party in order to collect details that could be used fraudulently.

The scam is reminiscent of the infamous "419" scam emails, where the scammer offers large sums of money in exchange for assistance with transferring funds out of Nigeria or other countries, but experts believe that the new frauds originate from Russia.

Pete Simpson, ThreatLab manager at software security company Clearswift, told ZDNet UK that although there is still no solid evidence that the Russians are behind the emails, a significant number of the scams have been originating from the same source.

"They appear to be coming out of Russia via an ISP in New Zealand at the minute, but that can switch any time," said Simpson. He added that the new scams are more organised than the 419 scams, representing "a concerted project as opposed to the odd fishing expedition."

The scammers are getting more creative in order to fool people into handing over valuable information, Simpson said, giving an example of a recent suspicious email disguised as a lucrative job offer. The email says that a total of 12 candidates have been short listed for a highly-paid job, but the recipient is offered the "first bite of the cherry" if they respond.

Simpson said that the recent bank scam emails will only be able to cause problems if people respond to them right away. "They tend to be short-lived affairs because if they get someone, the chances are that people will spot it and take various steps to shut the Web site down in a matter of hours," he said.

Because the emails are sent to so many people, it only takes a few responses to make the scam profitable, Simpson said. "There are a small number of people that will fall for it, but you only need a small return to make it worth while," he said.

Munir Kotadia writes for ZDNet UK