Bank scam may originate from Russia

Bank scam may originate from Russia

Summary: Emails attempting to trick customers out of their bank account details could be a Russian version of the 419 email scam, according to a security expert

TOPICS: Security

A criminal element from Russia may be responsible for the recent spate of spoof emails that have attempted to con online-banking customers into revealing their account details.

Over the past month, Internet banking customers of Barclays, Lloyds TSB, Halifax and more recently, NatWest, have received emails that appear to be from their bank, asking them to confirm their personal details. The emails contain a hyperlink that takes the unsuspecting user to what looks like their bank's official Web site, but has actually been set up by a third party in order to collect details that could be used fraudulently.

The scam is reminiscent of the infamous "419" scam emails, where the scammer offers large sums of money in exchange for assistance with transferring funds out of Nigeria or other countries, but experts believe that the new frauds originate from Russia.

Pete Simpson, ThreatLab manager at software security company Clearswift, told ZDNet UK that although there is still no solid evidence that the Russians are behind the emails, a significant number of the scams have been originating from the same source. "They appear to be coming out of Russia via an ISP in New Zealand at the minute, but that can switch any time," said Simpson. He said that the new scams are more organised than the 419 scams, representing "a concerted project as opposed to the odd fishing expedition."

The scammers are getting more creative in order to fool people into handing over valuable information, Simpson said, giving an example of a recent suspicious email disguised as a lucrative job offer. The email says that a total of 12 candidates have been short listed for a highly-paid job, but the recipient is offered the "first bite of the cherry" if they respond.

Simpson said that the recent bank scam emails will only be able to cause problems if people respond to them right away. "They tend to be short-lived affairs because if they get someone, the chances are that people will spot it and take various steps to shut the Web site down in a matter of hours," he said.

Because the emails are sent to so many people, it only takes a few responses to make the scam profitable, Simpson said. "There are a small number of people that will fall for it, but you only need a small return to make it worth while," he said.

Topic: Security

Munir Kotadia

About Munir Kotadia

Munir first became involved with online publishing in 1998 when he joined ZDNet UK and later moved into print publishing as Chief Reporter for IT Week, part of ZDNet UK, a weekly trade newspaper targeted at Enterprise IT managers. He later moved back into online publishing as Senior News Reporter for ZDNet UK.

Munir was recognised as Australia's Best Technology Columnist at the 5th Annual Sun Microsystems IT Journalism Awards 2007. In the previous year he was named Best News Journalist at the Consensus IT Writers Awards.

He no longer uses his Commodore 64.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Watch out for a similar scam on e-bay
    I very nearly fell for this one when I got an e-mail from what I was sure was e-bay themselves asking for confirmation of registered credit card details. I was so 'almost sure' that I logged on to e-bay to update my credit card manually. This action of course was not at risk. only when I inspected the URL's did d the fraud come to light which I reported and the site was shut down I have had a similar e-mail since however so these guys are obviously serious about getting credit card details.
    I think that the time has come to make sure that one is protected against on-line fraud via insurance or good terms and conditionds on credit cards.
  • I think that maybe my husband has been suckered into this scam...He has been working with a few people from Nigeria...Who can I contact to investigate with either party not knowing about this?
  • To Anonymous in Alaska --

    Here's the website for the National Fraud Information Center:

    This site has all the information on the scams, how they work and what you can do to shut them down. Don't delay -- time is NOT on your side. If you have made a mistake, you can apologize later. If HE'S made the mistake, you may be saving both of you THOUSANDS of dollars.

    Good luck!
  • I have been recieving emails saying this person wants to buy my house which is advertised on the net. I almost fell for it, but when I actually phoned the accountant(see letter below) he wanted my bank account details to put the money into my account. I have sent the email to you. From : leonan dere <>
    Sent : Sunday, May 16, 2004 10:58 AM
    To : becky sweetman <>
    Subject : Re: from becky

    | | | Drafts | Inbox

    This message was last saved by an e-mail application other than web-based Hotmail. Due to file formatting issues this draft can only be edited using that same application.

    Mrs Becky

    After due confirmation, with my wife, we have decided to purchase the house.
    Below is my accuntants contact, he will be taken full documentation of the house, i have also given him full go ahead for payment, so as soon as you both come to an agreement, he will issue payment,

    Mr Paul Mills


    Note, i intend to travell in the next two weeks, and hope all will be concluded before then.

    Thank you for your co-operation.

    Best regards.
    Mr Leonan

    becky sweetman <beckysweetman5
  • Suntrust Bank, Washington Mutual, Citizens Bank, and TCF Bank can be added to your list now. Everyone should know that the banks will NEVER ask for your pin numbers on line, certainly not in a blanket email, notice that it is NOT addressed entirely to you, which does not make it a confidential mailing.
  • Hello

    We are Russian trading company Hofon Group Ltd.
    We are looking for business partner from UK.

    You can earn some cash for the small help in one matter.
    It is easy. No special actions.

    Please contact us for more details only by this email: HOFON@KM.RU

    Andrey Gorilenko.
    Hofon Ltd

    name), he disappeared with a flutter of cloth and a last burst of
    whatever foul deed my whimsy happened to muse upon. My powers of
    abominations of the past would rise again out of the Oooooze that
  • I am having a succession of these type of emails .
    Apart from using filters on my email software is their any other way of stopping them? They appear to get past my junk filters.
    Im running macafee by the way.