To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://www.silicon.com/financialservices/0,3800010322,39297553,00.htm

Phishers cash in on credit crisis
Bank mergers leave customers confused

By Elinor Mills

Published: Friday 03 October 2008

It seems phishers are cashing in on the current economic crisis and climate of mergers between financial institutions.

Security firm SonicWall said Thursday it has been seeing emails that attempt to lure people to fake bank websites, where they are asked to reverify their personal and bank information as part of a merger.

In one example that targets people affected by the Chase acquisition of Washington Mutual, the email asks recipients to click on a link and confirm their identity so Chase can "activate new security features for our new and old online banking customers". The link goes to a fake Chase website that asks for account login and other information, said Andrew Klein, a product manager at SonicWall. The scammers are gathering the information to sell to cyber criminals who will use it to transfer money out of victims' accounts or commit identity fraud, he said.

Klein told silicon.com sister site CNET News: "Banks wouldn't do this online. Traditionally, what happens is you get a letter in the mail."

Phishers and scammers commonly exploit news events to lure victims to sites that contain malware or that ask them to supply information. Cyber criminals are even using Google Trends to find out what web search terms are the most popular in order to make sure they have timely and relevant content on their sites with which to attract victims.

But this particular type of phishing attempt is particularly dangerous given how confused many customers are about what the bank acquisitions will mean for them.