New Spam Scam hits the wires: Internet Banking at risk

Following the PayPal password scam earlier in September, the same type of fraud is now being applied to a range of payment service providers. WMLR knows where from and how the information is harvested and how the scam is developing, warns the Anti Money Laundering Network.

The principle is simple: the fraudster does an internet search for "PayPal" and on each page that a link is found, there will be an e-mail address that the PayPal messages are sent to.

Next, the fraudster collects all of those addresses and sends a message to each asking the recipient to go to a webpage and enter their name and password.

The scam is easy because of a "feature" in e-mail client programs. An e-mail client is the program on your PC or Mac. When the e-mail contains a link to a webpage, the description that is displayed in the mail is not necessarily the same as the address the link actually points to. The tactic has been used for some time by those who send spam for pornography sites: an apparently innocent message will link to a sordid page. But the new twist is to create a fake website for the payment mechanism chosen and to put a simple form on the page asking for users to enter their username and password.

Once the username and password are entered, the fraudster has full access to the internet banking service or payment system entered by the user. The fraudsters are banking on companies using more than one payment mechanism and they are sending messages which spoof the "from" address to appear to be from "support@[service provider].com" Access to the account may, depending on the service providers' systems, permit access to credit card details, although most providers take steps to prevent the display of this information on the user's terminal.

The latest company to fall victim to the scam is e-gold.com: E-gold.com told World Money Laundering Report "We are in the process of getting the ISP provider to shut down the illegal site." The site was a clear copy of the e-gold site and replicated, almost exactly, a real page on the e-gold website. The success of this scam depends on numbers and speed. If a sufficiently large number of addresses has been collected, then there is a reasonable chance that some users will be taken in before the fake site can be taken down. And, of course, the scam can be replicated for the same service providers as there are always those who have not heeded the warnings that all the websites contain saying that they will never ask a user to tell their user name or password.