• On TV.com: THE GIRLS NEXT DOOR photos

August 11, 2005 7:48 AM PDT

New scam asks people to fax away data

By Dawn Kawamoto
Staff Writer, CNET News

  • Print
Related Stories

ID theft ring hits 50 banks, security firm says

 August 8, 2005

Between phishers and the deep blue sea

 July 18, 2005

Hacking for dollars

 July 6, 2005

Phishing attacks take a new twist

 May 4, 2005
Phishers have added a new lure to their tackle boxes: e-mails that ask people to fax sensitive information to bogus security investigators.

In a new scam, attackers are sending e-mail warnings that appear to come from PayPal, security specialist Sophos said Wednesday. These e-mails say that someone tried to reset the recipient's password and asks him or her to participate in an investigation.

The e-mails direct people to a Microsoft Word document hosted on a Web site and urges them to download the form, fill it out, and fax it to a toll-free number, Sophos said. The form asks for credit card information.

The new tactic comes as people are becoming more suspicious of e-mails asking them to fill out sensitive information online, said Graham Cluley, a senior technology consultant for Sophos.

"We've seen a few attempts of this in the last few days, where phishers are trying out a new technique with people who have learned their lesson about filling out forms on a Web site," Cluley said. "They're hoping people will feel it's safer to fax back a form."

"It seems like a dumb way for the phishers to operate," Cluley added. "The authorities can easily track the phone number. But what isn't clear is whether they will get a (toll-free) number and then quickly dump it, or (whether they've) acquired the number using a false ID, or can have the calls transferred to a satellite phone somewhere outside of America."

E-mail-based phishing attempts may be getting less effective, though. As with other types of unsolicited mail, people are increasingly glossing over these messages as they troll through their inboxes, Cluley said. Phishers, as a result, are likely finding their mail-based efforts less fruitful.

"Trojans and worms are becoming more popular, because the information can be gleaned surreptitiously," Cluley said. "It's the way the trend is going."

See more CNET content tagged:
Graham Cluley, Sophos Plc., fax, scam, phishing

Add a Comment (Log in or register) 4 comments
Only idiots respond to such emails
by bobby_brady August 11, 2005 8:34 AM PDT
So it's hard to feel sorry for them.
Reply to this comment
In order to reply to this story...
by Harfeld Bilgewing August 11, 2005 8:40 AM PDT
Please remember to include your credit card number, expiration date, and billing address in your post.
Reply to this comment
Here is the requested data:
by hadaso August 11, 2005 12:14 PM PDT
VISA
5674 7682 0923 9374
48573 Sucker Lane,
Fraudville, MS 94854

Oh, and the three digit security code on the back is 528.
security and pricavy
by August 11, 2005 9:06 AM PDT
someone need to know this..think so

http://errortest.blogspot.com/2005/08/zoneh-securing-wi-fi-access.html
http://errortest.blogspot.com/2005/08/big-impact-concern-over-data-security.html
Reply to this comment
advertisement

Latest tech news headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Markets

Market news, charts, SEC filings, and more

Related quotes

Dow Jones Industrials (6.54%) 494.13 8,046.42
S&P 500 (6.32%) 47.59 800.03
NASDAQ (5.18%) 68.23 1,384.35
CNET TECH (5.95%) 56.25 1,002.00
  Symbol Lookup
advertisement

Inside CNET News

Scroll Left Scroll Right
News
Latest news
Business tech
Green tech
Wireless
Security
Media
Popular topics
Apple iPhone
Apple iPod
CES
Cell phones
Dell
GPS
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
Corrections
Customer Help Center
RSS
What's new
About CNET