Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Visa - Mastercard 'Security Incident' Phishing Scam

Outline
Email claiming to be from the "Identity Theft Department" of both Visa and Mastercard warns recipients of a security incident that may have put their financial information at risk. The email asks recipients to click a link to activate their credit cards.



Brief Analysis
The message has no connection to either Visa or Mastercard or any of their service providers. The email is a phishing scam designed to trick users into divulging their credit card details to online fraudsters.

Bookmark and Share
Detailed analysis and references below example.




Last updated: September 27, 2012
First published: September 27, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example
Subject: Your personal informations are compromised

Dear valued customers,

During the past few days, we had been warned and notified regarding some
problems in relation to our internet websites safety and security by
Cryptico (a security consortium), the main ideas behind this e-mail is to
inform you about a security incident. Unfortunately, your online banking and
credit card credentials are now at risk!

Please visit the following link to activate your credit card informations:

[Link removed]

Sincerely,
The Identity Theft Department
Visa / Mastercard in collaboration with Interac Online.



Detailed Analysis
Phishing scammers continually target user of both Visa and Mastercard credit cards in various ways. In this attack, the scammers have concocted a generic message designed to extract credit card information from customers of both companies. The scam email masquerades as a customer notification that alerts users to a supposed security incident in which customer online banking and credit card credentials were compromised.

In reality, the email has no connection at all to either Visa or Mastercard. Nor is it in anyway associated with Interac Online or Cryptico, as claimed in the email.

The message advises users to click a link to activate their "credit card informations", thereby, presumably, alleviating the security risk to their accounts.

People who click the scam link will be taken to a fraudulent website and asked to start the activation process by providing either their Visa or Mastercard number. Although the fake form is not hosted on a secure (https:) site as all genuine online financial transactions would be, the scammers have made an attempt to make the process seem more authentic by providing a typical image based security code field:

Visa Mastercard fake form

Users who enter the requested details will then be taken to further fake pages that request more financial and personal details. All information submitted on the bogus form will be sent to online criminals and used to make fraudulent transactions in the victim's name.

Legitimate credit card providers will never request customers to click a link and provide their financial information on an unsecure website. It is always safest to login to your online accounts by entering the account website address into your browser's address bar.

The scammers responsible for this phishing expedition sign themselves off as "The Identity Theft Department". Ironically, this is in fact quite an apt description for the scammers since they are indeed engaged in fraud and identity theft.

References

Phishing Scams - Anti-Phishing Information
Visa Card Violated Phishing Scam
Difference Between http and https

Last updated: September 27, 2012
First published: September 27, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer