The Sydney branch of SophosLabs has discovered an interesting phishing campaign against a local bank today. Interesting because it carries a double whammy for any unsuspecting soul dragged into it.
The first contact from the phishers arrives in the tried-and-tested traditional way: as an email. Here are its characteristics:
Subject: 1 new message
From: “ANZ” <firstname.lastname@example.org>
The message body contains a link which brings up a fake logon page for Australian financial institution ANZ, inviting donations to the Bushfire Appeal.
If you make the mistake of entering your username and password at this point, they will be posted to a web server in Italy.
The double whammy here is that the Italian server hasn’t been secured properly, so any username and password you enter is not only uploaded to the cybercriminals, but subsequently open to anyone with a web browser. Ouch!
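The email characteristics quoted above (a bank name in the From display name, a generic "1 new message" subject, and a logon link that leads somewhere other than the bank) are the kind of mismatch a mail filter can flag before anyone reaches the fake page. The following is an added example, not code from the original post or from SophosLabs: it parses a constructed sample message, modelled on the headers quoted above, and reports each heuristic that fires. The brand-to-domain table and the sample addresses are assumptions for illustration only.

```python
"""Heuristic triage for bank-impersonation phishing emails.

Added example (not from the original article or SophosLabs). Flags messages
whose From display name claims a bank brand while the sender address or the
links in the body point elsewhere, which is the pattern the article describes.
The sample message below is constructed; the brand->domain table is an
assumption for illustration, not an authoritative allowlist.
"""
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed legitimate sender/link domains per brand (illustrative only).
BRAND_DOMAINS = {
    "anz": {"anz.com"},
}

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

# Constructed sample, modelled on the characteristics quoted in the article.
# The sender address and link host are placeholders, not values from the page.
SAMPLE_EMAIL = """\
From: "ANZ" <alerts@mail.example.org>
To: customer@example.net
Subject: 1 new message

You have 1 new message about the Bushfire Appeal.
Log on here: http://203.0.113.10/anz/logon.php
"""


def registrable_domain(host):
    """Rough registrable domain: last two labels of a hostname (enough for this demo).
    IP literals are returned unchanged so they never match a brand domain."""
    host = host.lower().rstrip(".")
    if re.fullmatch(r"[\d.]+", host):
        return host
    parts = host.split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host


def host_matches_brand(host, brand):
    """True if the host belongs to one of the brand's assumed legitimate domains."""
    return registrable_domain(host) in BRAND_DOMAINS[brand]


def triage(raw_message):
    """Return a list of human-readable findings; an empty list means nothing fired."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    display_name, address = parseaddr(msg.get("From", ""))
    findings = []

    # Which monitored brand, if any, does the display name claim to be?
    claimed = next((b for b in BRAND_DOMAINS if b in display_name.lower()), None)
    if claimed is None:
        return findings

    # Display name says "ANZ" but the envelope domain is somebody else's.
    sender_host = address.rsplit("@", 1)[-1] if "@" in address else ""
    if not host_matches_brand(sender_host, claimed):
        findings.append(
            f"display name claims {claimed.upper()} but sender domain is {sender_host!r}"
        )

    # Every link in the body should land on the brand's own domain.
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body else ""
    for url in URL_RE.findall(text):
        host = urlparse(url).hostname or ""
        if not host_matches_brand(host, claimed):
            findings.append(f"link to {host!r} does not belong to {claimed.upper()}")

    # A bare "N new message" subject is a weak signal on its own; report it for context.
    if re.fullmatch(r"\s*\d+ new messages?\s*", msg.get("Subject", ""), re.IGNORECASE):
        findings.append("generic 'N new message' subject")
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_EMAIL):
        print("-", finding)
```

Each finding is a separate string so the caller can score them independently; the display-name/domain mismatch and the off-brand link are the strong signals here, while the generic subject is only supporting context.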
There’s a silver lining, however, to this particular…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.