August 11th, 2005, 07:42 PM
New Scam in Town
Phishers have added a new lure to their tackle boxes: e-mails that ask people to fax sensitive information to bogus security investigators.
In a new scam, attackers are sending e-mail warnings that appear to come from PayPal, security specialist Sophos said Wednesday. These e-mails say that someone tried to reset the recipient's password and asks him or her to participate in an investigation.
The e-mails direct people to a Microsoft Word document hosted on a Web site and urges them to download the form, fill it out, and fax it to a toll-free number, Sophos said. The form asks for credit card information.
New scam asks people to fax away data | Tech News on ZDNet
August 11th, 2005, 07:53 PM
New dance step, same old tune. I would act incredulous at the phishers belief that this would work...but obviously it DOES, or they wouldn't bother.
"Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
"...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore
August 11th, 2005, 08:04 PM
As Cluley Said, it really looks dump to use a toll-free fax number, which can be traced easily.
The article did not report any realy life example and cases, and whether the attacker has been traced or arrested nor they failed to catch them?
Is this a contradiction with the intro, or it is just my rolled eyes and drunkman's thoughts??
The authorities can easily track the phone number. But what isn't clear is whether they will get
a (toll-free) number and then quickly dump it, or (whether they've) acquired the number using a false ID, or can have the calls transferred to a satellite phone somewhere outside of America."
The e-mails direct people
to a Microsoft Word document hosted on a Web site and urges them to download the form, fill it out, and fax it to a toll-free number, Sophos said. The form asks for credit card information.
\"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts\".....Spaf
Everytime I learn a new thing, I discover how ignorant I am.- ... Black Cluster