Phishing

Phishing frauds.

An increasingly prevalent fraud currently being employed by unscrupulous individuals is phishing. Phishing involves an email message being sent out to as many Internet email addresses that the fraudster can obtain, claiming to come from a legitimate organization such as a bank, online payment service, online retailer or similar.

The email requests the recipient to update or to verify their personal and financial information, including date of birth, login information, account details, credit card numbers, PIN numbers, etc. Some of the email messages include a threat that failure to update or validate will result in, for example, the account being frozen. The objective is to induce unsuspecting recipients, who happen to be customers of the legitimate organization being imitated, to respond to the email and to provide the information being requested.

The e-mail will contain a link that takes you to a spoof web site that looks identical, or at least very similar, to the organization’s genuine site. In some cases, when the link in the e-mail is clicked, the genuine site is accessed, but is overlaid with a smaller window with the spoof site, making it more believable. Clicking on a link may also download malicious software, known as “spyware” onto your PC, which will record your Internet use and forward this information, and possibly a log of your keystrokes, to the fraudster. The fraudsters will use this financial information to compromise bank accounts, credit cards, and so on.

To avoid getting Phished you should never respond to e-mail messages that request personal or financial information and never click on a link in such an e-mail. Reputable organizations do not send unsolicited e-mail messages asking their customers to update or verify their personal and security details. If you are in doubt about the legitimacy of the e-mail, or if you think that you have been a victim of a phishing fraud, you should contact the organization in question immediately. You should, however, be careful to use the normal method you use to contact the organization in question, rather than use any suggestions included in, or by responding to, the e-mail.

If you any have questions regarding Cathedral Investment Bank operations, or you have received a presumably e-Phishing, contact us at phishing@cathedralbank.com
• Back to top
Phishing mules.

Once the fraudsters have collected financial information of individuals via phishing, they are then in a position to abuse this information and steal money out of the compromised accounts. In order to cover their tracks, however, they recruit unsuspecting individuals to act as go-betweens by placing a variety of tempting job adverts on the Internet promising the chance to earn money quickly without expending much effort. These recruits are known as mules.

The bank accounts of the mules will be used to accept transfers of money from the compromised accounts. The mules will be asked to withdraw the money from their accounts in the form of cash and forward it, minus their commission, to the fraudsters using an international money transfer agency. The fraudsters can therefore maintain their anonymity, but there is a trail to the phishing mules, which can be followed by the authorities.

Be very careful about job offers that involve the acceptance and release of funds to a bank account in return for commission. Mules recruited by phishing fraudsters are money laundering and are likely to face criminal prosecution.

Likewise, be very careful when receiving transfers from any third parties that have to be forwarded or cash withdrawals many criminal organizations engaged in money laundering carry out similar procedures as described above, to make or commit crimes.