Netcraft, a provider of internet security services and research, is reporting that a recent batch of phishing web sites targeting Chase Bank and eBay were hosted by state-owned Chinese Construction Bank. This apparently is the first time a bank’s servers have been used to attack another bank.
The phishing emails were sent out in mid-March offering $20 for users to fill out a survey. As part of the survey, users were asked for their account username and password, credit card number, PIN, and security number as well as their SSN and mother’s maiden name. The phishing pages were hosted on an IP address assigned to China Construction Bank, Shanghai Branch.
It’s unclear if the attack was generated by the bank itself, by one of its employees, or by someone who had compromised the bank’s servers.
(22 votes, average: 3.5 out of 5)
Loading ...
Stumble it!
Ken
May 16, 2006 @ 11:02 pm
I just received an email from PayPay, saying that someone has tried to log-on to my account. I don’t have an account with PayPay. The links had http://chase-online-banking.1sweethost.com/paypal/ and if I had any questions, I could contact: suspor@wachovia.com. The email looks similar to your picture. I don’t know if it is a scam but, I deleted it and emptied the trash can.
Dave
May 19, 2006 @ 10:54 am
You can forward something like this to spoof@paypal.com.
Additional information is available on our “How to Report a Scam” page - http://fightidentitytheft.com/how-to-report-scams.html
Identity Theft
July 30, 2006 @ 8:50 pm
The amount of infected servers overseas is incredible. Not only that, but the amount of servers that are set up for phishing is incredible. All those emails that are supposed to come from ebay or paypal have limited reprecussions here in the US which is unfortunate for us.
Frank
November 6, 2006 @ 2:07 pm
There are thousands of scams out there. Everyone needs to protect their identity with the help of a professional security firm.
kittyjack
March 6, 2007 @ 1:31 pm
The biggest ones to watch out for right now seem like the PayPal, eBay, Hotmail, Chase Bands, First National and First International Banks,and Bank of America (BofA).
thnsurface
April 6, 2007 @ 2:14 pm
Internet Explorer just launched an update that includes a “Phishing Filter”. I downloaded it, and it seems to be doing it’s thing, whatever that is. But the pop-up blocker needs some work!!!
boomersrec
April 6, 2007 @ 2:18 pm
There’s a reall great article about phishing sites here: http://www.peoplesearchnews.com/security/phishing-scams-can-take-you-for-thousands/
Jennifer C.
April 6, 2007 @ 2:22 pm
It’s amazing that there aren’t more international laws preventing this type of crime, the federal laws here in the U.S. are pretty stiff on this, but it seems that in China and Africa there are very little resources to catch these crooks. It’s up to combat this behavior with resistance, and education. Don’t even respond to the emails or letters.
Christi
April 20, 2007 @ 4:33 pm
If you find that your identity has been stolen, it’s a good idea to run a search report on yourself. This way, if the person who stole your information has been using it and has received anything in the mail, you can find the addresses used. It’s well worth the few bucks for the report!