Webtrends Tracking Code
 
UK Home >  OUT-LAW News >  News Archive >  2003 >  December 2003 >  NatWest shuts web site after phishing scam

NatWest shuts web site after phishing scam

OUT-LAW News,

For the second time in six weeks, NatWest has been the subject of an internet scam known as phishing, where e-mails appearing to come from a legitimate business are sent in an effort to fish for recipients’ financial details.
For the second time in six weeks, NatWest has been the subject of an internet scam known as phishing, where e-mails appearing to come from a legitimate business are sent in an effort to fish for recipients’ financial details.

Early in the week, fraudulent e-mails purporting to come from support@natwest.com began to arrive in e-mail in-boxes throughout the UK. According to Web User, the e-mail said:

"Our new security system will help you to avoid frequently fraud transactions and to keep your investments in safety. Due to technical update we recommend you to reactivate your account. Click on the link below to login and begin using your updated NatWest account."

The link led to a phoney NatWest web site and a request for the browser’s account details.

Such attacks are not new, but still catch people out, relying on their trust in a familiar brand to perpetrate the fraud. Usually the phishers send their e-mail using a related trick, known as spoofing, where the identity of the sender is manipulated to foster that trust.

When offering a link to the site, it is easy to disguise the URL. A common trick in phishing scams is to use the @ symbol in the URL. Most browsers will ignore all characters preceding the @ symbol – so the URL http://www.natwest.com@phishingcrook.com may look to the unsuspecting user like a page of NatWest's site. But it simply takes visitors to phishingcrook.com. The longer the URL, the easier it is to conceal the true destination address.

NatWest pulled its site off-line for a short while on Monday morning, but a spokeswoman told the BBC that this was only a precaution.

She explained, “None of our customers have lost any money, but as before we ask them to remain vigilant and notices have been put up on the web site."

In October, NatWest was one of four banks and building societies targeted in the course of a week.

But banks have other on-line problems to contend with. It was reported this week that some US automatic teller machines (ATMs) using Windows operating systems fell victim to a computer virus earlier in the year.

According to Reuters this is the first time that a computer virus has managed to access ATMs.

Bruce Schneier, of Counterpane Internet Security, told Reuters: "It's a harbinger of things to come." He added, “Specific purpose machines, like microwave ovens and until now ATM machines, never got viruses”.

See also: Phishing expedition hits four banks and building societies, OUT-LAW News, 28/10/2003


Get OUT-LAW's best stories by free weekly e-mail
Register NowWhy should I?

 

OUT-LAW Recommends

Free OUT-LAW seminars
- Making your contract work
- Information security
Six cities, October & November

This week's podcast
Are ISPs about to betray our trust?

Winner at 2008 Webby Awards

OUT-LAW star: link to the home page
Disclaimer | Privacy | Site Map | Accessibility
Disclaimer: This was printed from OUT-LAW.COM, a service of international law firm Pinsent Masons. We hope you find this content useful. However, please note that nothing in this document constitutes specific legal advice. You should consult a suitably qualified lawyer on any specific legal problem or matter. Any questions, please email info@out-law.com.