KEY POINTS:
SYDNEY - Credit card users should be on their guard as a phishing campaign uses the name of a respected online security system and promises of rewards to steal their details.
SophosLabs specialists say an email claiming to come from the credit card company MasterCard tries to entice victims by promising safer online purchasing.
The experts say the content of the email is unusual as it tries to get MasterCard customers to sign up to SecureCode for extra security protection, and tops it off with a 16 per cent discount offer on future purchases.
Typical phishing campaigns are more likely to ask its targets to confirm their details for system maintenance purposes or similar.
In the MasterCard scam users click on a link in the phishing email and are redirected to a site that looks almost identical to the genuine MasterCard site.
The victims are then asked to supply confidential information including card expiry date, date of birth and a three digit security code located on the back of each credit card.
The next step is simple - the cybercriminals, now armed with more than enough detail to access accounts, take as much money as they can.
"MasterCard has been very successful in positioning SecureCode as the answer to online fraud," said Sophos' security consultant Carole Theriault, "and with so many computer users growing increasingly worried about the risks of shopping online, the prospect of greater security and money off can be too much to resist."
"What's more, phishers are putting a lot more effort into their scams these days and to the undiscerning eye, it's almost impossible to tell this isn't the real MasterCard site.
"Computer users must be wary of simply clicking on links in unsolicited emails and should take time to verify the site address first," she warns. "It may take a little longer, but will protect your money and identity from preying cybercriminals in the long run. Also, everyone needs to use a little common sense - if it seems too good to be true, it probably is."
- NZ HERALD STAFF
