Get Safe Online Week – Another Phishing Scam
Posted on 17. Nov, 2009 by Mike Halsey in news
As if to herald the launch of Get Safe Online Week I received an email last night from a friend who had forwarded me yet another phishing scam. Now admittedly this one had already been blocked by Microsoft, as Internet Explorer proudly told me when I clicked the link. However as scams go this one demonstrates just how good and convincing they are getting.
Dear Visa Cardholder,
Continuous Monitoring is an integral part of Visa’s multiple layers of security. In addition to other fraud monitoring tools, we can often spot fraud based upon transactions on the card that are outside of cardholders typical purchasing pattern.This allows us to spot fraudulent activity as quickly as possible and acts as an early-warning system to identify fraudulent activity.
During a recent checkout we detected suspicious activity and your Visa card may have been compromised. Fraudulent activity made it necessary to limit your card for online services.
Your Case ID Number is: RT87R7ER8R8D
Conform to our security requirements and in order to continue online services with your card, we must validate your identity.Please click here to verify your identity (link removed for this article)
Visa takes online security very seriously so that you can shop safely on the Internet. As part of our commitment to fighting fraud we have the right to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or violations of the terms and conditions for using Visa.
Sincerely,
Visa Customer Service.
© Copyright 2001-2009, Visa All Rights Reserved.
Now there are still a couple of grammatical errors, the sentence “Conform to our security requirements and in order to continue online services with your card, we must validate your identity.” being an obvious example. This is, none the less, the best phishing email I’ve seen yet.
Phishing emails, for the uninitiated, are emails pretending to be from bank or website A, B, or C, in this case, Visa, that try and trick you into logging into a fake website to type surrender your sensitive security details. The fraudsters can then use these details to use your email account for sending spam and yet more phishing emails or even empty your bank account for you.
You should always be alert to these things. The simple rule is that no company will ever send you an email asking you to confirm your details on a website. If you are in any doubt, first forward the email abuse@ the company concerned and see if they reply that it’s genuine.
it with others, or 
