FBI probes bogus bureau site used in scam
- By Wilson P. Dizard III
- Oct 01, 2003
The FBI yesterday launched an investigation of a Web site, since removed from the Internet, that masqueraded as a federal bureau site and sought to lure consumers to submit private financial information in a fraud technique known as 'phishing.'
The site displayed the FBI seal and U.S. flag, as well as the layout of the FBI site, surrounding text that referred to the 'ministry of protection of the confidential information,' which purportedly was investigating a credit card swindle. It said, in stilted language, 'The Ministry of Finance and the government urgently have decided to collect the information on the disappeared cards and to block cards in the shortest term, differently the economy of America and the owners of the cards will have big losses.'
The site urged users to enter their debit or credit card numbers and PINs, as well as their approximate account balances.
An e-mail appearing to be from the FBI drove Internet users to the FBI's site and then redirected them to the bogus site.
FBI spokesman Paul Bresson said, 'We are investigating it. It falls right in line with other phishing schemes; many of them direct you to what appear to be commercial sites. This is the first time the FBI site has been used as a lure.'
Bresson said the FBI had been 'able to narrow down where it might be coming from' but that additional investigative work was necessary.
Computer security consultant Richard M. Smith in Brookline, Mass., who operates a site called computerbytesman.com, said that the bogus site was hosted by a company called Sago Networks in Tampa, Fla. He added that the 'perp appears to be Russian.'
'I found it amusing because the graphics were good, but the language was atrocious,' Smith said. 'These phishing scams are everywhere,' he said. 'This phishing scam was clever in that it used the FBI name to try to make it look legit, but I don't think anyone would fall for it.'
Smith explained that phishing scams use e-mails written in HTML. 'For a link you display any text you want,' he said. 'Behind the legitimate text is a misleading HTML link.'
Chris Demain, systems administrator for Sago Networks, said, 'We don't have any comment on that. We are working with the FBI. In all cases of suspected fraud we work closely with federal and state authorities.'