ID Theft of Another Flavor

Banks should be alerted that their concern for customers who have their identities stolen and fraudulently used should be expanded to include concern for their own organizations. Criminals are stealing the logos of legitimate companies and setting up fake Internet sites, and banks are one of the targets. Scams have been tried against several Australian and New Zealand banks and most recently, Bank of America was victimized.

The Bank of America scam went like this: an email would arrive in a customer's electronic mailbox asking them to verify financial information. The emails contained a link to a Web site that looked like the bank's, and the customer was asked to enter verifying information at the site.

The good news is that the bank worked with law enforcement agents to help them shut down the scheme in about 13 hours. The bad news is that at least 75 people fell for the scheme.

The speed with which the crime can occur is alarming, and banks should also be aware that their business clients could be affected. CarBuyingTips.com, for example, recently alerted its business partners of fake escrow sites that steal and fraudulently use proprietary information from well-known Web sites. The criminals set up fake sites with official looking logos, then post ads for used cars on e-Bay and other legitimate auction or buying sites. When buyers want a car, the "seller" asks them to go to legitimate-sounding payment sites (such as one called www.SafeAutotrader.com) or fake sites designed to look like legitimate sites to put money into escrow accounts. The money disappears, the car never appears, and the fake sites are shut down in a few days.

Copyright © 2004 Bankers' Hotline. Originally appeared in Bankers' Hotline, Vol. 13, No. 12, 2/04