Sunday, December 13, 2009

Phishing in Malaysia

What is phishing?
In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.

The latest phishing attack on Malaysia's Maybank is the third in three months. The faked send address is from the Putrajaya World Trade Centre and the link is to a server at connhypo.com. The scam is as follows:
Reconfirm your online access
We would like to inform you that we are currently carring out scheduled maintenance.In order to guarantee the high level of security to our business customers.We require you to complete " Maybank Commercial Online Form "Please complete Maybank Commercial Online Form using the link below:
Maybank Commercial Online Form
This is auto-generated email, please do not respond to this email .

Phishing website of Maybank:
hxxp://sebastianschaper.net/aegabi06/cache/May2u-Service/Maybank2u_com.html
hxxp://tradewindcay.com/images/Internet-Customer/Maybank2u.html

The damage caused by phishing ranges from denial of access to e-mail to substantial financial loss. The damage ranges from loss of access to email and other online accounts to loss of money, investments, etc. Phishing is becoming more popular, because of the number of unsuspecting people who are easily tricked into divulging information to phishers.


There are several different techniques to combat phishing, including legislation and technology created specifically to protect against phishing. Attempts to deal with the growing number of reported phishing incidents include user training, public awareness, and technical security measures.

References:
http://www.damnedspyware.com/fake-malaysia-maybank-website-phishing.html
http://www.shaolintiger.com/2009/03/23/maybank-phishing-scam-e-mails-in-malaysia/
http://www.bankinginsurancesecurities.com/sanctions_closures_fi_frauds/fi_frauds/fi_frauds_phishing_maybank_malaysia

No comments:

Post a Comment