The e-mail, which falsely claims to be from Westpac, is a replica of a page from the bank's Web site which provides information on making donations to the Australian Paralympians, who need to raise AU$2 million to fund their visit to Athens this year.
It includes details of how to make a donation in person, by phone, or via a credit card. However, the link for credit card donations does not go to the official Australian Paralympic Committee donation site. Instead, the credit card link is designed to divert to a site which mimics the appearance of the APC site, but which is actually hosted in Romania.
Fortunately for the Paralympic movement, the phishers made a critical mistake. Due to a coding error in which a large number of blank spaces have been inserted in the fake URL, the address actually fails to resolve. Despite the error, the appeal to charitable instincts suggests that phishers -- often said to be linked to organised crime -- aren't slowing down their attempts to harvest credit card details and other financial information.
Westpac has been the target of numerous phishing scams in recent months, but a spokesperson recently told ZDNet Australia that customers had become more alert to the problem. All of Australia's major banks now have an official policy of never requesting information from customers via e-mail.

Are you sure it's a code error? It's a part of the scam and intentional. If you don't have Microsoft Security Bulletin MS04/004 installed, the specially formed link will load the phisher's site, but the address bar will say the Paralympic site's address.
Text below from: http://www.microsoft.com/technet/security/bulletin/MS04-004.mspx
A vulnerability that involves the incorrect parsing of URLs that contain special characters. When combined with a misuse of the clear-text authentication feature that has "username:password@" at the beginning of a URL, this vulnerability could result in a misrepresentation of the URL in the address bar of an Internet Explorer window. To exploit this vulnerability, an attacker would have to host a malicious Web site that contained a Web page that had a specially-crafted link. The attacker would then have to persuade a user to click that link. The attacker could also create an HTML e-mail message that had a specially-crafted link, and then persuade the user to view the HTML e-mail message and then click the malicious link. If the user clicked this link, an Internet Explorer window could open with a URL of the attacker's choice in the address bar, but with content from a Web Site of the attacker's choice inside the window. For example, an attacker could create a link that once clicked on by a user would display http://www.tailspintoys.com in the address bar, but actually contained content from another Web Site, such as http://www.wingtiptoys.com. (Note: these web sites are provided as an example only, and both redirect to http://www.microsoft.com.)
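A mail filter can flag the link traits discussed above (a "username:password@" prefix, padding or special characters in the address, and visible link text that names a different host) before a user ever clicks. The following is an added example, not part of the article or the reader comment; the sample HTML is constructed, the host names are the placeholder sites from the bulletin text, and the function and reason names are hypothetical.

```python
import re
from html.parser import HTMLParser
from urllib.parse import unquote

# Authority is taken as written; URL libraries may normalise odd characters away.
AUTHORITY = re.compile(r"\s*(?:[a-z][a-z0-9+.-]*://)?([^/?#]*)", re.I)

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in a message body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def split_authority(url):
    """Return (raw authority, host) where host is the part after the last '@'."""
    authority = AUTHORITY.match(url).group(1)
    hostport = authority.rpartition("@")[2]
    return authority, hostport.strip().split(":")[0].lower()

def audit_link(href, text):
    """Return the list of reasons an http(s) link looks deceptive."""
    if not re.match(r"\s*https?://", href, re.I):
        return []
    reasons = []
    authority, host = split_authority(href)
    if "@" in authority:
        reasons.append("userinfo-in-url")
    # Raw or percent-encoded whitespace and control characters never belong here.
    if any(ord(c) <= 0x20 or ord(c) == 0x7F for c in unquote(authority)):
        reasons.append("whitespace-or-control-in-authority")
    shown = split_authority(text)[1]  # only meaningful if the text is a URL or domain
    if "." in shown and " " not in shown and shown != host:
        reasons.append("display-host-mismatch")
    return reasons

def audit_html(html):
    parser = LinkCollector()
    parser.feed(html)
    return {h: r for h, t in parser.links if (r := audit_link(h, t))}

# Constructed sample: one ordinary link, one padded userinfo link.
SAMPLE = ('<p>Donate <a href="http://www.tailspintoys.com/donate">in person</a> or by card: '
          '<a href="http://www.tailspintoys.com      @www.wingtiptoys.com/card">'
          'http://www.tailspintoys.com/card</a></p>')
```

`audit_html(SAMPLE)` reports only the second link, with all three reasons; the host comparison is a plain string match and does not handle IPv6 literals or internationalised names.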