|Users may be clicking on links to bogus banking websites|
Sophos technical support has reminded computer users to be wary of bogus emails that pretend to come from online banks. The emails typically ask users to confirm their email address by visiting a website and entering information about their account numbers, passwords and PIN details.
Sophos technical support reports that it has seen an increase in queries from users recently disturbed by the emails they have received, some of which have appeared on first examination extremely official, claiming to come from online banks. Recently bogus emails have claimed to come from a number of banks including Nationwide, NatWest, Barclays, Westpac and Halifax.
Once account numbers, PIN and login password details have been obtained the fraudsters can easily steal money from the innocent user's bank.
"The people behind these emails are common criminals, intent on stealing your cash," said Graham Cluley, senior technology consultant for Sophos. "They have been busy setting up scam websites which mimic the appearance of the real banking sites, and have directed innocent users via email to visit them. Any user who receives a bogus email such as these should inform the bank immediately so that they and the legal authorities can investigate."
Sophos notes that because the fraudsters behind the email do not know what online bank (if any) is being used by the owner of a particular email address they have been spamming thousands of people en masse in the hope of successfully capturing a victim.
The UK National Hi-Tech Crime Unit has said it has stepped up its investigations of scams such as the one described above, but that there is a risk prosecutions could be hampered by inadequate laws in the countries where the scammers operate.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.