technology
Hardware
Chips
Graphics
Notebooks
Peripherals
Servers
Software
Science
Internet
Defence
Research
Unbelievable
telecoms
Applications
Broadband
Digital Content
Infrastructure
Mobile
business
Financials
Legal
Logistics
Resellers
Retail
Security
Rumour
Letters
outsourcing
BPO
Outsourcing
CRM
NewsNow
NewsNow
NewsNow
RSS Feed


Thursday, 2 September 2010 19:04 UK Login |  Bengaluru, India


 

Sophos warns of UK phishing scheme

Phony e-mails target tax payers  

By Aharon Etengoff in San Francisco @ Friday, November 28, 2008 11:26 AM

 
 

Sophos Labs has issued a warning over a phishing campaign expected to target UK tax payers.

The company reportedly intercepted sample e-mails offering to return £450 - 650 worth of tax to "every man aged between 30 and 55 years".  The phone tax-relief messages, which purported to originate from the UK Government & Ministry of Finance, directs users to a web site that requests sensitive personal information, including age, marital status and number of children. The data could be used by phishers to construct fraudulent identity profiles for credit card forms and other online transactions.

"At a time when many people will be uncertain about their finances and job security, cybercriminals have clearly been quick to take advantage of the situation," explained Graham Cluley, senior technology consultant at Sophos.

"As the Government is expected to make announcements relating to recession-busting tax cuts, those eager for the bigger picture should monitor official channels and ignore any unsolicited emails asking for personal details. This campaign, coming in the run-up to Christmas, also takes advantage of the trend for special-offers and vouchers to be circulated via email - computer users should do their best to stay mindful of the risks."

As IT Examiner previously reported, online identity theft remains a critical threat despite increased awareness of its dangers.

David Porter, head of security and risk at Detica, explained that there was only so much that experts and computer systems can do to prevent identity fraud. According to Porter, final responsibility rests with the consumer. "Identity fraud attacks succeed largely because of human fallibility; however there are simple steps that people can take to avoid being caught out by fraudsters," he said.

Porter also noted that internet surfers need to be more guarded about their behaviour and realise that personal information posted on social networking sites could be "accessed and used by fraudsters".

J Prasanna, CEO of AVS Labs, told IT Examiner that users without an updated antivirus database and personal firewall were susceptible to Trojan key loggers that intercepted usernames and passwords. Prasanna also recommended installing QFX Keyscrambler to encrypt every keystroke.

It should be noted that QFX Software recently released a new version of its Keyscrambler encryption application. The updated security application offers improved protection for user logins in Windows workstations, active directory domains and Vista's user account control prompts (UAC). It also helps to prevent cyber criminals from gaining access to critical systems, and reduces the risk that a single breached computer will  compromise an entire network.

"One of the common ways for hackers to gain access to confidential and valuable business information is to compromise a less critical, less-guarded workstation and install a keylogger to capture credentials that will enable them to access more heavily secured parts of the business infrastructure," said Qian Z. Wang, CEO of QFX Software. "Keyscrambler Premium 2.3 helps defeat this attack vector and prevent a small breach from turning into a costly and embarrassing security event."

Check Out
IT Examiner

 
  Add Comment 
  
Copyright 2009 - ITExaminer.com  Terms Of Use  Privacy Statement  Contact Us