A technique called "phishing" is becoming more commonplace on the
internet. You receive a "legitimate" looking mailer from a bank, credit
card, e-Bay, PayPal, etc that appear legitimate, appear to go to the
intended destination site, but instead dupe you out of credit card info
or other personal information.
SANS released these two items related to current "phishing" which
contain links with further explanations:
> --Microsoft Patch Pack Doesn't Fix IE Flaw Used by Phishers
> (13 January 2004)
> Microsoft's patch release for January fails to address an Internet
> Explorer (IE) flaw that has been exploited by phishers to fool people
> into believing they are visiting legitimate web sites and they dupe them
> into revealing their credit card numbers and other sensitive data.
> http://www.washingtonpost.com/ac2/wp-dyn/A13587-2004Jan13?language=printer
>
> --Gone Phishing
> (13/14/15 January 2004)
> Customers banks and other businesses continue to be targeted by phishing
> scams.
> Westpac Bank (New Zealand/Australia):
> http://www.smh.com.au/cgi-bin/common/popupPrintArticle.pl?path=/articles/2004/01/15/1073877955031.html
> Barclays: http://www.vnunet.com/News/1152038
> AT&T Worldnet: http://computerworld.com/printthis/2004/0,4814,89029,00.html
Jeff Kell
Network Services