Posts Tagged ‘Bank’

HSBC phishers disguise attacks as Wimbledon tickets prize

Published by pratyushkp on June 20th, 2011 - in Social, Technology

With summer rapidly approaching (we hope..) in the UK, many people’s thoughts are turning to strawberries, cream and action on the grass courts of SW19.

Yes, it’s almost time for the Wimbledon tennis tournament!

Here’s an email that we’ve seen spammed out to computer users, pretending to come from banking giant HSBC.

The messages have a subject line of “Claim your ticket at Wimbledon” and have a file attached called prize-form.html.

Opening the file to unclock your prize, however, is not such a good idea as it contains a form which asks for all sorts of personal information about your bank account – including your date of birth, memorable names, card security code and so forth.

The scam earns some extra credibility because HSBC is a genuine sponsor of the Wimbledon tennis tournament, and there was indeed a competition held by the bank to meet Tim Henman.

Winners, however, were notified on 10 May 2011 according to HSBC’s website – which is more evidence, if you needed it, that this email is a phishing scam designed to steal your credentials.

Don’t allow the thought of free tennis tickets trick you into making bad security decisions. Always be suspicious of unsolicited emails from your online bank – especially if they ask for information like this.

Source :- http://nakedsecurity.sophos.com

  • HSBC phishers disguise attacks as Wimbledon tickets prize (nakedsecurity.sophos.com)
  • Media Decoder: A Bank and the ‘Taste’ of a Tournament (mediadecoder.blogs.nytimes.com)
  • The Ass-entials of Tennis: Wimbledon Edition [47 PHOTOS] (coedmagazine.com)
  • U.S. Open, Wimbledon Herald Summer Season (npr.org)
  • You: Rafael Nadal, Novak Djokovic and Roger Federer: London Is Calling (bleacherreport.com)
  • Nadal set for under cover start at Wimbledon (reuters.com)

Citibank victimized by hackers, insists cardholders are safe

Published by pratyushkp on June 9th, 2011 - in Social, Technology

Image by Getty Images via @daylife

Reuters is reporting that Citibank‘s systems were hacked, resulting in a loss of Personally Identifiable Information (PII).

Citibank says that data for 1% of their cardholders was accessed through this breach, but customers‘ Social Security Numbers (SSNs), birth dates, card expiration dates and CVV codes are safe.

Information that may have been disclosed to the hackers includes customers’ names, account numbers, contact details and email addresses.

According to Citibank’s website they are the world’s largest provider of credit cards, issuing more than 150,000,000 cards globally. Based on these numbers, information for 1,500,000 or more individuals may have been compromised.

In April Paul Gaulant, former head of the bank’s credit card unit, told Reuters, “Security breaches happen, they’re going to continue to happen … the mission of the banking industry is to keep the customer base safe and customers feeling secure about their financial transactions and payments.”

That may be true, but feeling secure is not the same as being secure. How this information was acquired and why it wasn’t protected against theft is a far more important question.

Citi has stated they will notify customers believed to be affected by the breach.

Customers affected by this incident should be on high alert for scams, phishing and phone calls purporting to be from Citibank and their subsidiaries.

While Citi customers aren’t likely to have fraudulent charges against their accounts as a result of this breach, they are likely to encounter social engineering attempts to enable further crime.

Considering that the attackers have your name, account number and other sensitive information they are able to provide a very convincing cover story to victims.

Never accept incoming communications purporting be from financial institutions you do business with, whether by email or phone call. Call them back using only the phone numbers published on your cards or statements. When logging in to perform online transactions, always enter their website address directly in your browser. Never click links.

Source :- http://nakedsecurity.sophos.com

  • Citibank Reveals Massive Data Breach (newser.com)
  • Citibank hacked, 1.5 million customers information may be at risk ~ Softview (softview.co.in)
  • Citibank the latest to suffer successful hack (electronista.com)
  • Citi admits hackers stole data on 200,000 card holders (slashgear.com)
  • Bank Of America Settlement In Debit Card Litigation (businessinsider.com)
  • Tips for Protecting Yourself from Identity Theft (savings.com)
© Social Media Blog