Online criminals have apparently hacked into the Web site of a US sheriff and are using it to host a fake Commonwealth Bank login page in an online scam.
The login page, hosted on the Lake County Sheriff's Office Web site, is linked to a phishing scam. An e-mail arrived in the inbox of a ZDNet Australia tipster encouraging him to click on a link to the bogus Web site, hosted on the sheriff's server, and re-enter his Commonwealth Internet banking login and password.
Lake County Sheriff Chris Daniels was unavailable to comment due to time zone differences. A Commonwealth Bank representative was also unavailable for comment at the time of writing.
Online fraudsters are known to attack legitimate Web servers in order to stealthily host Web content and scripts used in scams. Web sites owned by Sarajevo Airport, Samsung and even the University of New South Wales have been involved in recent scams.
Yesterday, ZDNet Australia reported a phishing attack that directed victims to a hijacked section of the Sarajevo Airport Web site.
Earlier this month, a Samsung-owned Web site in the US was hosting Trojan horse software. While in August, The School of Media, Film and Theatre at the University of NSW admitted one of its Mac servers had been compromised and used to host a potentially malicious file, which was disguised as a Microsoft security patch.
Security concerns don't target small pockets of individuals like they once had. Phishing will continue to expand its reach and become more sophisticated as long as there are profits to be made http://www.essentialsecurity.com/news.htm?id=136
Australia has other privacy concerns too when its own police force accidentally sends 7,000 pages of sensitive information outside police department walls http://www.iwantmyess.com/?p=89