US-based gaming Website, The Game Monsters, has been implicated in the latest round of phishing scams targeting Westpac customers, according to security experts. The phishing emails tell customers that an attempt to access their online account was supposedly denied that day. This is a variation of a previous phishing e-mail that Westpac customers were warned on the 14 November.
This e-mail reads: “An attempt to access Online Banking was denied on: Monday, 26 Nov 2007 at 6:25:46 EST. Access was denied for one of two reasons: Incorrect attempts to access and Login failures; signing on from a different location or device different from your location and your IP address.”
Recipients of the e-mail were then asked to confirm this by either clicking one of two image links – “That was me” or “That was NOT me” – to verify whether that they have attempted to make a transaction at the time mentioned. The links redirected to a server in the UK, and has been taken down according to PC Tools.
“The script is a simple redirection, however we can’t see the ultimate target, which I assume is also in the UK but it could be anywhere. One of our ex-employees works for Westpac Security so we know they deal with this stuff all the time, so I can assume it’s been taken down. Most of these scams are online less than 12 hours,” Jim Meem, security researchers at PC Tools, told ZDNet Australia.
The site pointed to siwhite.co.uk, which is registed to The Game Monsters. “The address given is one in Florida but the site looks fake,” said F-Secure global threat response manager, Patrik Runald.