RealNews

Password-stealing e-mails spread

Beware any e-mail, however professional in tone, that asks for personal account information. Internet users continue to be flooded with legitimate-looking e-mails that ask recipients to enter account numbers, passwords, and other data. A new con aimed at Discover Card holders is just the latest in a long line of scam e-mails sent by con artists trying to hijack accounts at AOL, PayPal, eBay and other online firms. A Flurry of e-mails sent Wednesday purported to be from Discover Financial Services. The messages told recipients that their accounts were on hold and they needed to log in with their account number and mother’s maiden name to reactivate them. “Due to your inactivity your account has been put On Hold,” the e-mails said, just under a Discover Card logo pulled from from Discover’s Web site. “To remove this status you have to Log In to your account and review Discover Privacy Policy.” The e-mail looks real, and most of its content is pulled directly from Discover’s computers. Even a suspicious recipient who looked at the e-mails source code would see a series of links to www.novusnet.com, the company’s Web site. But replies to the e-mail, including any credit card numbers, are quietly routed to a computer with an Internet address in Russia. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.