SI
SI
discoversearch

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor.  We ask that you disable ad blocking while on Silicon Investor in the best interests of our community.  If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.
Strategies & Market Trends : China Warehouse- More Than Crockery
 Public ReplyPrvt ReplyMark as Last ReadFilePrevious 10Next 10PreviousNext  
To: hui zhou who wrote (5774)3/14/2006 9:15:57 PM
From: RealMuLan  Read Replies (1) of 6370
 
[Indian hackers hacked China's bank server and used it to rip off the US customers! This reminds me of one of my AT&T phone card was hacked by a guy who then called India.] -- Alleged 'phishing' attacks in US linked to China Construction Bank IP address
03.14.2006, 06:48 PM

WASHINGTON (AFX) - A series of fake e-mails designed to make US bank customers give up sensitive personal and account information has been linked to an Internet site assigned to a state-owned China Construction Bank, Internet security experts alleged.

The e-mails circulating in recent days offer customers of Chase Manhattan Bank a 20 usd 'reward' for filling out on online survey, Agence France-Presse reported, citing security firms that monitor such schemes.

Experts at the British security firm Netcraft said the users responding to the so-called 'phishing' attacks first detected Saturday were 'directed to sites hosted on IP addresses assigned to The China Construction Bank (CCB) Shanghai Branch.'

'The phishing pages are located in hidden directories with the server's main page displaying a configuration error. This is the first instance we have seen of one bank's infrastructure being used to attack another institution.'

Netcraft and other security firms pointed out that the attack on Chase offers recipients the chance to earn 20 usd by filling out a user survey.

On the site, users are asked for a user ID and password, so the 'reward' can be deposited to the proper account. The form also requests the victim's bankcard number, personal identification number, card verification number, mother's maiden name and social security number.

Netcraft said the data submitted is then sent to a form processing service on a server in India.

Netcraft said the same IP address at CCB Shanghai was used to host a fake eBay login screen in a similar fraud attempt.

rl/mdl/tr
forbes.com
Report TOU ViolationShare This Post
 Public ReplyPrvt ReplyMark as Last ReadFilePrevious 10Next 10PreviousNext  

HomeMailHotSubjectMarksPeopleMarksKeepersSettings
Terms Of UseContact UsCopyright/IP PolicyPrivacy PolicyAbout UsFAQAdvertise on SI
© 2025 Knight Sac Media.  Data provided by Twelve Data, Alpha Vantage, and CityFALCON News