Phishing again

I received texts yesterday asking me to verify that I made a payment via my bank account. What I found very amazing is, that somebody managed to purchase URLs with the beginning of HSBC.

I went onto my Internet service provider and searched for URLs beginning with HSBC and none apparently were available. I just wonder where those scammers are able to buy such URL names. Perhaps in some remote country from some strange provider?

It is really up to those selling URL names to ensure that no banking URLs can be bought by anybody but the bank itself.

What became apparent yesterday is that the person who had bought the fraudulent URL and put up a website, looking exactly like the HSBC log in page, managed to buy not only one but two URLs beginning with HSBC then a dot and then some business like phrase.

They first send the first text with the first URL and then 1 hour later another text with a similar sounding URL. The texts came from two non-withheld UK mobile phone numbers, probably burner phones.

Of course it is important that people report such phishing scams to their banks straight away. The quicker those are taken down, the less people fall pray to such scams.

It is relatively easy to put up false websites. It is easy to copy graphics and display them and then put a form onto that website and harvest input information. But if people cannot buy the URL in the first place, the scam becomes much harder to do.

I know all that stuff because I have been a webmaster for over 10 years.

Comments are closed.

Blog Stats

  • 53,940 hits