image: twitter / PO3T1985
Criminals send Swisscom's bogus bank documents via e-mail – so you know fraud
The new sparkling wave has been uncontrollable in Switzerland since this afternoon. Fraudsters of Swisscom's bogus emails to get passwords, credit card details, and so on, to clear their bank account. The Federal Government Emergency Response Group on Twitter writes:
"Attention! Cybercriminals is currently sending bogus emails with alleged accounts for Swisscom. The aim is to attack computers by electronic banking Trojan Gozi. Do not open attachment and remove mail. "
E-banking Trojan Gozi was first discovered in 2007. It is constantly being changed by Internet criminals and re-circulated through fake emails or manipulated websites. Those who are trapped are trapped with malware that transfers user data, such as passwords, to criminals. Gozi is also able to make unsecured transactions by the user. Attackers redirect the e-banking application to copied e-banking websites. An e-banking user enters his password on websites that look like real banking websites but are run by attackers.
In recent years, invaders have developed Trojans, such as Gozi and Retefe, and their methods have been repeatedly different.
Fraud is identifiable by suspicious addresses and senders as:
image: twitter / @ralfbeyeler
Generally, fraudsters are increasingly in the throes of phishing emails that many Swiss are now accustomed to accepting their invoices by e-mail and, of course, they want to check the amount, that is without a doubt click on the usual button «View invoice». The link in this case hides a dangerous ZIP file.
Such scams are often – but not always – based on a false email address visible. If you have a mouse over the "View invoice" button, you will also recognize the phishing attempt. A fraudulent connection appears in the browser at the bottom of the screen. In e-mail applications on smartphones, false email addresses and links are often not easy to detect because applications hide their own address behind the link.
Fraudsters pretend that email is signed by Swisscom:
In the fight against phishing, Swisscom, UPC and Co. e-cash box electronic signature (e-certificate). The signature is used as a digital signature. This means that the sender of the e-mail is indeed the relevant telecommunication company. How to recognize whether an email has an electronic signature, explains Swisscom.
Since Swisscom knew about the attack at noon in the meantime, it has blocked some infected websites from which Trojan will be downloaded. Absolutely clear is still waiting. Viral scanners usually detect only new versions of Trojans after a while.
You may also be interested in:
Telephone frauds grow fast