Beauty contest winner becomes latest victim of online phishing fraudsters, Sophos reports

June 02, 2008 Sophos Press Release

A beauty contest winner has had money stolen from her bank account by phishers. Image copyright (c) Sophos
A beauty contest winner has had money stolen from her bank account by phishers.

IT security and control firm Sophos is reminding computer users about the risks of identity theft and online fraud following news that Jade Saunders, the current beauty contest winner in the British seaside town of Scarborough, has fallen foul of an email phishing scam.

The twenty year old student, who was crowned Miss Scarborough in April this year and who is also a semi-finalist for Miss England 2008, had clicked on a link in an email purporting to be from her bank which took her to a genuine looking website. By entering her details on this convincing fake site, designed to con trusting web users into entering their account information, Jade was providing devious cybercriminals with all they needed to set up a standing order on her account for £10,000 (approximately US $20,000).

Sophos experts remind computer users that they should never respond to emails that request personal financial information and check that the websites they are visiting are secure.

"Although these phishing attacks are nothing new, sadly Miss Scarborough is unlikely to be alone in her misfortune," said Graham Cluley, senior technology consultant for Sophos. "According to the Anti-Phishing Working Group, phishers are able to convince up to five per cent of recipients to reply to the kind of email sent to Jade, but this needn't be the case if simple habits are learnt. Reputable companies don't ask their customers for passwords or account details in email, so even if you think a message from your bank may be legitimate, don't follow any links, instead visit your bank's website by typing its address into your web browser."

"Businesses need to be on their guard against phishing attacks too," continued Cluley. "It's important that companies have properly defended their staff against attacks which can aim to steal corporate information as well as personal data."

Sophos recommends that all computer users ensure their computer security is up to date and that they are fully protected against the latest spam, email and web threats.