[size=55:wuurr2st]novinite
Bulgarian Consumer Protection Watchdog Used in Email Phishing Scam
ulgarian media have spread the word about a new email phishing scam.
According to reports of private TV channel bTV, scores of Bulgarians claimed that they received an e-mail saying that a complaint had been filed against them with the Commission for Consumer Protection (KZP).
To check the content of the complaint, the users had to reveal their email password.
However, some of the victims of the phishing scheme noticed that their e-mail accounts had been broken into after the registration.
The case was reported to the police.
Asked to comment on the matter, officials of the KZP explained that they had no practice of sending such e-mails.
The representatives of the consumer protection watchdog said that they had received over 10 tip-offs about the phishing scam.
"
When a complaint or a tip-off about a company is filed with the KZP, the letters are sent officially and the people in charge are summoned to the KZP headquarters or KZP officials visit the retail site and prepare official documents for the inspection. We have no such practice and I believe that this is some sort of extortion or fraud scheme,"
said Ivan Bachvarov, Chief Secretary of the KZP.
To avoid getting hooked in phishing scams, Internet security experts advise users not to click on links received via e-mail.
Specialists say that the right thing to do is to search the website of the organization mentioned in the email.
In the case of the KZP scam, the link provided in the email is the only thing that arouses suspicions in a professionally worded email.
The website to which the links redirects users provides no contact details like phone number or address.
The domain is registered in the US.
"
When we receive a message inviting us to click on a link, it may very well turn out to be a malicious code aimed at stealing our personal data,"
warned Albena Spasova from the International Cyber Investigation Training Academy.
Wiki say's :
Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.
A phishing technique was described in detail in 1987, and (according to its creator) the first recorded use of the term "
phishing"
was made in 1995.