Almost everyone has been the target of a scam at some stage in his or her lives, and many people have repeated, ongoing exposure to scam attempts. The aim of SCAMSTERS INC. is to provide you with information you need to Protect Yourself from scams, so you can recognise a set-up and avoid the hook and the inevitable sting of a scam. Its your Daily dose of Scams in your neighbourhood.its an Archive for all thats related to SCAMS,FRAUDs,Etc....

this Site

SCAMSTERS INC provides an Antiscam - Useful External links page to similar and related to Bangalore and rest of India. Finally, SCAMSTERS INC. provides advice for those who have fallen for the bait and been hooked at 'I've been scammed. What should I do?

New Phishing attack on online banking customers

A new unique type of phishing attack targeted against online banking customers was recently discovered by the RSA FraudAction Research Lab. RSA has coined this as a "Chat-in-the-Middle" phishing attack and it is first executed through routine means but then presents a more advanced layer of perpetrating online fraud.

The September Fraud report of RSA reveals how "Chat-in-the-Middle" Phishing Attack Attempts to Steal Consumers' Data via "Bogus Live Chat Support" downloaded from the website.

Here are the highlights:

* The phishing attack may dupe bank customers into entering their usernames and passwords into an ordinary phishing site but the addition of a bogus live chat support window can obtain even more credentials via a live chat session initiated by fraudsters.
* During the live chat session, the fraudster behind the attack presents himself as a representative of the bank's fraud department and attempts to dupe customers who are online into divulging sensitive information – such as answers to secret questions that are used for online customer authentication.
* While the fraudster chats with the victim through the bogus live chat window, the chat messages are processed in the background through a Jabber module located on the fraudster's computer.
* Jabber is an open source instant messaging (IM) protocol which has recently been gaining popularity among fraudsters for the purpose of receiving stolen credentials in real-time.
* As previously reported by RSA, Jabber was being used by fraudsters to forward stolen credentials from infected computers in real-time from a Zeus Trojan's drop server to Trojan herders. While the browser based chat window does not require victims to have Jabber or an IM application installed on their computer, Jabber is used by the fraudster to manage the one-on-one chat on the back-end.
* India is amongst the top ranking countries in terms of bulk of phishing attacks and also attack volume during August.

Source: ciol.com


Post a Comment