Dynamite phishing
This entry isn’t strictily Vienna-related, but since we pretty much have to represent for all Austrians (Except for the rocking folks from Linz and Graz, of course), I think I can safely share this with you. Just now, I got a nice mail from the folks at the Raiffeisen Bank group who told me that, because of new regulations to prevent money laundering, they have to check every e-banking account and kindly ask me to log in to prove I am a genuine customer. How thoughtful.
About the only problem is I am not, and never was a customer at this bank. Oh, and there’s the rather, let’s call it creative grammar in the mail. Yup, you guessed right, the practice of phishing has reached the sunny, land-locked shores of our little country. I’ve gotten similar mails like this in the past days, and let me tell you, I am disappointed. The quality of the fake sites is abysmal, there’s silly jokes in the URLs (I guess you’d have to be pretty dense not to be alarmed by “index-NA-NA-NA-NA-HEY-HEY-HEY-GOOD-BYE.html”), and most of the images in those mails won’t load.
This specific piece of forged information takes the cake, however – have a look at the name of the attached file. I personally would not have a problem with it, but I guess it will be a very, very cold day in hell before any bank sends me an image called “transsexuals.gif”. Shame on you, account phishers! Get your act together before you try to expand your business into international waters!
there was something about phishing reaching austria’s metaphorical shores in the news, a couple of months ago already.
last august i got this:
“Sehr geehrter Kunde,
Die Deutsche Bank sorgt immer für die Sicherheit von unseren Kunden, […] In der letzten Zeit wurden die Betrügereiversuche, die Geldmittel von den Bankkonten zu stehlen, häufiger geworden. […] Wir bitten Sie, um das System richtig laufen zu lassen, die Form der zusätzlichen Autorisation auszufüllen. Wir hoffen, dass Sie unser neues Sicherheitssystem richtig einschatzen.”
well, as we all know raiffeisenbank is THE bank in upper austria (thanks to mr. vikerl scharinger who is spreading his fertility throughout linz..) But we guys still can spell simple verbs correctly! Your mail makes me think about a bunch of hackers sitting with the german dictionary and trying to get that damn translation done… guys, get yourself a secretary!
Mr. Philipp, i am working for Raiffeisen (thankfully not directly in the bank, but in the high class technical background somewhere located on the arse of vienna), and believe me there are lots of people that actually do that kind of shit.
its so darn easy to get their passwords, seriously. they click on every link and a really bad fake email is enough for them to tell everyone their password.
While this particular instance might seem a bit sloppy, I’ve seen *very* sophisticated phishing emails that disguised the target URI w/ javascript u.s.w.