Frauds and Scams


Phishing

’Phishing’ is the term used for the practice of sending false e-mail messages to a wide audience (using ‘spamming lists’) in the hope that some people will reply to them.

Phishing e-mails are designed to look as if they come from a bank or similar organisation asking recipients to confirm their account details (including account numbers and online banking security information). They usually give a plausible reason for requesting such details – for example, to maintain an account.

An e-mail sent to Citibank customers in early January 2004 stated:

‘On January 10 Citibank had to block some accounts in our system connected with money laundering, credit card fraud, terrorism and check fraud activity. The information in regards to those accounts has been passed to our correspondent banks, local, federal and international authorities.

Due to our extensive database operations some accounts may have been changed. We are asking our customers to check their checking and savings accounts if they are active or if their current balance is correct.’

Links were given to false web sites, used to record information given for fraudulent purposes. The message was sent from an address that looked genuine and even asked customers to connect to a particular (false) web site ‘if you suspect fraud’.

Many ‘phishing’ e-mails do succeed (some suggest about 5%), with victims suffering identity theft and financial loss. One of the problems with such attacks is that the links provided in the e-mails go to false sites that look exactly the same as those they claim to be – even the address looks the same.

The following UK banks have been hit by such attacks:

  • Barclays
  • NatWest
  • Lloyds TSB
  • Halifax
  • Bank of England

What Can You Do?

  • Do not reply to such e-mails and never follow links provided. No bank would ever ask customers to give such information in this way.
  • A simple check would be to telephone your bank by a switchboard number or some other commonly known number and request more information. Do not use any telephone numbers given in the e-mail.
  • If you are worried about information that you have already supplied, contact your bank and credit card company immediately.
  • Passing details to the National Hi-Tech Crime Unit can help to reduce the impact of these scams.

© Crown Copyright. URN 05/623; 01/05

1 2 3 4 5 6 7 8 9

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>