Print

Email scam targets ‘Verified by Visa’

Doing your Christmas shopping online is a good way to beat the crowds and chaos this year. There are however certain things you have to be careful about in the online shopping world. A new phishing scam, recently uncovered by webroot (http://blog.webroot.com/2009/11/18/faux-verified-by-visa-phishing-scam-targets-holiday-shoppers), targets online shoppers looking to sign up to the ‘Verified by Visa’ program.

The ‘Verified by Visa’ security system works by setting up credit card users with an additional password for online transactions. When a purchase is made through a participating vendor site, the additional secret password is required to complete the transaction.

The new phishing scam begins with an email, informing the recipient that they can sign up for a ‘Verified by Visa’ program by visiting a supplied web page. Upon visiting the fraudulent webpage, unsuspecting victims are asked to supply all the information they supplied to their card-issuing institution when they first signed up for a Visa card.

What is worrying is that the web page is considered more professional, slick and clean than most other phishing pages. The page’s businesslike appearance serves to reassure the victim that the page really belongs to Visa.

‘Verified by Visa’ helps to prevent criminals from using stolen card numbers and reduces the incidents of fraud. It’s important to make sure that you’re signing up for Visa’s genuine program however, and not providing crooks with access to your private security information.

Phishing attacks work by a cybercriminal sending a "spoofed” email that appears to come from a legitimate organisation such as a credit union, bank, card company or ISP. The email may ask for a reply with private information details in order to "update security" or for some other reason. The phishing email may also direct recipients to a spoofed website or pop-up window which looks exactly like the real site, but has been set up for the sole purpose of stealing personal information.
With online crime growing all the time it’s important to:

  • Remember that after an account has been set up, banks will never ask a customer to resupply private information through an email
  • Understand how phishing scams like fake websites can be detected
  • Keep informed about the types of online security risks you may encounter.

next

Find out more

What do you get?

  • eBusiness Strategy
  • Content Management System
  • Free Online Tools
  • High-Quality Website Design
  • eMarketing and Campaign Support
  • Website Support
  • Intranet Development
  • Infrastructure & Service Standards

Shared Services

  • Shared Services Pty Limited is an aggregated service delivery provider for credit unions and other mutual ADIs.
  • It aggregates services to reduce costs and share infrastructure.

For over 8 years I developed a number of websites for credit unions, brokers and other businesses. When having a close look at what Brighton Consulting is able to offer and the various tools, database systems and quality of design, I was impressed. They have a genuine specialised understanding about the unique requirements financial institutions need. This is a rare resource in the web development world.

I have had to do this kind of development for clients in the past and have a thorough understanding of what is involved. I truly feel you may need to invest as much as $100,000 to have the tools, resources, database systems and visual interaction/ layout format developed on a once-off basis. Brighton is well worth the investment.

Colin McCallSenior Manager - Sales & Service
Reliance Credit Union