Data leakage double time

Graham Cluley
@gcluley

The Sydney branch of SophosLabs has discovered an interesting phishing campaign against a local bank today. Interesting because it carries a double whammy for any unsuspecting soul dragged into it.

The first contact from the phishers arrives in the tried-and-test traditional way as an email. Here are its characteristics:

Subject: 1 new message
From: “ANZ” <anz@message.com.au>

The message body contains a link which brings up a fake logon page for Australian financial institution ANZ, inviting donations to the Bushfire Appeal.

If you make the mistake of entering your username and password at this point it will be posted to a web server in Italy.

The double whammy here is that the Italian server hasn’t been secured properly, so any username and password you enter is not only uploaded to the cybercriminals, but subsequently open to anyone with a web browser. Ouch!

There’s a silver lining, however, to this particular…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.