Thread: Received Fraud Attempt
View Single Post
  #1 (permalink)  
Old 01-29-2004, 08:58 PM
sonnie's Avatar
sonnie sonnie is offline
WebProWorld Member
  
Join Date: Dec 2003
Location: Oregon
Posts: 71
sonnie RepRank 0
Default Received Fraud Attempt
I wasn't sure where to post this, but most members generally check out the Breakroom from time to time. One of the sites I work on received a suspicious email sent to a specialized account. The account is used to field and answer questions from customers. In fact the email account is questions@hisdomain. The following is the email received:

Dear Sir/Madam,

We were informed that your credit card is used by another person or stolen. It could happen if you have been shopping on-line, and someone got your "Billing information" including your credit card number. To avoid and prevent any further fraud and billing mistakes and to refund your credit card, it is strongly recommended to proceed filling in the secure form on our site and applying for our Zero Liability program. Program is free and it will help us to confirm the fact of fraud and investigate this accident as soon as possible.

(A continue button was located here)

Sincerely yours, Visa Support Assistant, Alwin Desagun.

Oddly enough, the more I looked at this name, does this remind you of "I'll win this again"?

Here is the offending URL:
http://www.vbill.biz/?

In order to view the final, bogus page, popups must be allowed. When you access this URL directly, they attempt to close the page. Depending on your settings you should get a message stating this. Do not allow page to be closed, and you will see the final page. If you don't see the page, look on your bottom toolbar or alt/tab to find it. Visa? I don't think so.

This is the email I sent to the owner of the site along with the original message:

Joe, very interesting. This is a fraud attempt. Interestingly enough it came to your "questions" email on your site. If you click on the continue button, and popups are not blocked, it takes you to a site which appears to be a Visa site asking for your Credit Card info. The URL which appears in the address box is an actual Visa site, but you are not on the actual Visa site. If popups are blocked, you are taken to a blank page. If you have popups blocked on your computer by using the Google toolbar, hold down the Ctrl key while clicking the button to see the page. The service they are offering is a Visa service, but this is not Visa. Any site requesting this type of information would be a secure site ie, https://. I immediately knew this was bogus, but decided to follow it through. I am looking in to where to report this to. You may want to pass this on to the rest of the employees just for general info.

Jim
__________________
I reject your reality and will purchase my own.
Live Free and Die what?
Reply With Quote