Fake Visa/Mastercard “Security incident” notifications
Fake emails apparently sent by the Visa/Mastercard “Identity Theft Department” are targeting the cards’ users by trying to trick them that a “security incident” has put their online banking and credit card informations at risk.
“Dear valued customers,” says the email, “During the past few days, we had been warned and notified regarding some problems in relation to our internet websites safety and security by Cryptico (a security consortium), the main ideas behind this e-mail is to inform you about a security incident. Unfortunately, your online banking and credit card credentials are now at risk! Please visit the following link to activate your credit card informations: (MALICIOUS LINK)”
Unfortunately for the users that click on the link, the destination page is a phishing page.
“Although the fake form is not hosted on a secure (https) site as all genuine online financial transactions would be, the scammers have made an attempt to make the process seem more authentic by providing a typical image based security code field,” Hoax-Slayer said.
“Users who enter the requested details will then be taken to further fake pages that request more financial and personal details. All information submitted on the bogus form will be sent to online criminals and used to make fraudulent transactions in the victim’s name.”