ad info

 
CNN.com  technology > computing
    Editions | myCNN | Video | Audio | Headline News Brief | Feedback  

 

  Search
 
 

 
TECHNOLOGY
TOP STORIES

Consumer group: Online privacy protections fall short

Guide to a wired Super Bowl

Debate opens on making e-commerce law consistent

(MORE)

TOP STORIES

More than 11,000 killed in India quake

Mideast negotiators want to continue talks after Israeli elections

(MORE)

MARKETS
4:30pm ET, 4/16
144.70
8257.60
3.71
1394.72
10.90
879.91
 


WORLD

U.S.

POLITICS

LAW

ENTERTAINMENT

HEALTH

TRAVEL

FOOD

ARTS & STYLE



(MORE HEADLINES)
*
 
CNN Websites
Networks image


Fake bank Web sites trick consumers

Computerworld

(IDG) -- A hacker doesn't have to break into a bank's computer to steal account numbers and access codes. It may be enough to set up a "spoof" Web site that closely mimics a real bank's, according to a warning issued last week by the Office of the Comptroller of the Currency (OCC).

Some customers have provided financial information to sites that they thought were legitimate Web sites, according to OCC spokesman Dean DeBuck.

  MESSAGE BOARD
 

The fake sites weren't exact copies of the real bank sites, DeBuck said, though some did look somewhat like the originals.

Companies can take legal action against Web site spoofers, said DeBuck. For example, wwwbankofamerica.com -- just like the real site's address, but without the dot after the "www" -- has already been taken down, but not until after a few unsuspecting consumers were taken in, DeBuck said.

So far, the only losses that the OCC is aware of are of private information such as addresses, said Clifford Wilke, the agency's director of bank technology, with no thefts yet reported of personal account information or access codes.

That doesn't mean it can't happen.

"I'm telling banks to be careful and be aware that other people are out there registering similar names," Wilke said.

To keep an eye out for fraud, some banks regularly check to make sure that there aren't Web sites with similar names luring consumers.

MORE COMPUTING INTELLIGENCE
IDG.net   IDG.net home page
  Computerworld's home page
  American Bankers Association to offer online authentication
  Dispute sparked on Internet retail fraud
  How awareness can prevent cybercrime
  Reviews & in-depth info at IDG.net
  E-BusinessWorld
  TechInformer
  Questions about computers? Let IDG.net's editors help you
  Subscribe to IDG.net's free daily newsletter for IT leaders
  Search IDG.net in 12 languages
  News Radio
  * Fusion audio primers
  * Computerworld Minute

"We are on the lookout," said Scott Scredon, a spokesman for Charlotte, N.C.-based Bank of America Corp.

Waiting for customers to come and complain may not be enough. Some may never know they were duped.

According to Richard Bell, an analyst at Needham, Mass.-based TowerGroup, a Web site spoofer may put up a front end identical to the real bank's, then send the customer back to the real Web site once the personal information is collected.

"The most secure way for consumers to protect themselves is to deal with an institution with a strong commitment to security and one that uses some sort of certificate system that the user participates in," he said.

Not only banks are targets. X.com Corp., owner of the PayPal Web site, was spoofed recently with PayPai.com, said analyst Chris Musto at Lincoln, Mass.-based Gomez Advisors Inc. Users were diverted to the fake site with a link that spelled PayPai with a capital "i" at the end, making it look identical to PayPal on many computer screens.

Musto suggested that companies can take a two-part approach to security -- educate consumers to make sure that they're doing business at the correct Web site, and buy up possible alternative domain names.




RELATED STORIES:
New center targets Internet fraud
May 11, 2000
Meet the real victims of Internet fraud
March 2, 2000
Meet the FTC's unlikely enforcer
February 18, 2000
FTC issues warning on fraudulent cyberauctions
February 16, 2000
How the e-shopping experience could be better
February 14, 2000
Paranoia strikes deep at Web's top spots
February 14, 2000
Commerce secretary details e-commerce plans
January 19, 2000

RELATED IDG.net STORIES:
Feds struggle in race with hackers
(Computerworld)
American Bankers Association to offer online authentication
(Computerworld)
Survey: Retail fraud more prevalent for online vendors
(Computerworld)
Dispute sparked on Internet retail fraud
(Computerworld)
US to let Mitnick write Internet columns
(Computerworld Australia)
ACLU: Block FBI e-snoops
(FCW)
How awareness can prevent cybercrime
(Civic.com)
Online health care contends with fraud
(InfoWorld.com)

RELATED SITES:
Office of the Comptroller of the Currency (OCC)

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

 Search   

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.