Gcard: Pishing email Caution!

Date June 28, 2006

Websense® Security Labs™ has received reports of a new phishing attack that targets customers of Gcard. Users receive a spoofed email message, which claims that the security for direct deposit accounts has been enhanced. Users are directed to verify their identity by logging on to their account. The message provides a link to a phishing website that requests account number and password. 

The phishing site is hosted in Romania and was up at the time of this alert.

Phishing Email:

Dear Cardholder,

We recently increased the security level for Direct Deposit Account in order to avoid frauds. Please be advised that the DDA now requires Level security for all cardholders using this method.

Because you previously registered and used this method you are now
required to take the Level Security Verification:

For the Level Security Verification please click on the link below and login into your Gcard Online Banking Account

< URL REMOVED >

Please note that funds may NOT be wired into the DDA account under any
circumstances. Our processing bank will not permit any deposits other
than direct electronic payment. If a wire comes in to the DDA account it
will be sent back without crediting client cards.

Sincerely,
gCard Security Department

Phishing Screenshot:

http://www.websense.com/securitylabs/images/alerts/gcard2.jpg

Category Posted in Internet

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>