Paralympic phishing scam blocked by coding error
![zd-defaultauthor-angus-kidman.jpg](https://www.zdnet.com/a/img/resize/64e1de71b5555c7ea854f87920589223f186e2d8/2014/12/04/a27b7521-7b62-11e4-9a74-d4ae52e95e57/zd-defaultauthor-angus-kidman.jpg?auto=webp&fit=crop&frame=1&height=192&width=192)
The e-mail, which falsely claims to be from Westpac, is a replica of a page from the bank's Web site which provides information on making donations to the Australian Paralympians, who need to raise AU$2 million to fund their visit to Athens this year.
It includes details of how to make a donation in person, by phone, or via a credit card. However, the link for credit card donations does not go to the official Australian Paralympic Committee donation site. Instead, the credit card link is designed to divert to a site which mimics the appearance of the APC site, but which is actually hosted in Romania.
Fortunately for the Paralympic movement, the phishers made a critical mistake. Due to a coding error in which a large number of blank spaces have been inserted in the fake URL, the address actually fails to resolve. Despite the error, the appeal to charitable instincts suggests that phishers -- often said to be linked to organised crime -- aren't slowing down their attempts to harvest credit card details and other financial information.
Westpac has been the target of numerous phishing scams in recent months, but a spokesperson recently told ZDNet Australia that customers had become more alert to the problem. All Australia's major banks now have an official policy of never requesting information from customers via e-mail.