Subscribe
About

Phishers haven't given up yet

By Damian Clarkson, ITWeb junior journalist
Johannesburg, 20 May 2005

Russian phishers have repeatedly tried setting up new links to defraud local banking customers after Standard Bank shut down their original site.

Fortunately, the criminals' most recent attempts have also proved fruitless, says Standard Bank technology engineering director Herman Singh.

"They are trying to redirect customers to a phishing site by modifying the DNS [domain name server] system. But we are tracking them around the world, and when a new one appears, the site is back down within a few minutes.

"Logic says that, on a risk-versus-reward basis, they will give up," he says.

No Standard Bank customers have yet been affected, but if they were, it is not clear how the criminals planned to move the money from the country, says Singh.

"We are perplexed at this phishing site. Local law stipulates that a private individual cannot simply move money out of the country, so exactly what these Russian criminals were planning to do is not clear to us."

The original phishing site was shut down yesterday after hoax e-mails purporting to come from the bank began circulating locally, asking recipients to follow a link to confirm their online banking user names and passwords.

Singh hastens to add that such actions only form part of any security system. "Our main aim in shutting down the sites is to make it uncomfortable for such criminals. But security is multifaceted, including things like consumer education, identifying potential sites before they go live, and so on."

Standard Bank will also introduce a more secure authentication process in either June or July. "I don't want to say it will be impossible, but it will be extremely difficult for criminals to crack it."

First National Bank (FNB) was targeted by a similar phishing attack earlier this week in which five customers were affected. FNB Internet banking head Roland Le Sueur confirmed that money had been transferred from the customer's accounts to an account within the South African banking system.

"They were all reimbursed according to FNB's online fraud guarantee," says Le Sueur.

Related stories:
Russians go phishing in SA
Standard nets phishing sites

Share