afcc@rsa.com
New Member
- Messages
- 1
- Reaction score
- 0
- Points
- 0
Dear Sirs
- RSA , an anti-fraud and security company, acting at the direction of The Standard Bank of South Africa Limited (“Standard Bank”), has been made aware that you appear to be providing Internet Services to a website, which is part of a “phishing scam”*. This activity violates Standard Bank’s copyright, trade-mark and/or other intellectual property rights.
- E-mail messages have been broadly disseminated to individuals by a person or entity pretending to be Standard Bank and using Standard Bank’s identity without authorization, requesting the recipients to verify and submit sensitive details related to their Standard Bank accounts.
- There is a link within the fraudulent e-mail message that leads the recipients to the imposter’s “Standard Bank website” (at the following address URL http://web.ssbonline.co.cc/ ] to which you provide services and which is under your control.
- This unauthorized website not only represents a misuse of Standard Bank’s intellectual property rights, but its purpose appears to be to fraudulently obtain personal information of Standard Bank customers in order to access their bank accounts for fraudulent purposes.
- Please take all necessary steps to shut this site down immediately failing which Standard Bank will take the appropriate action to protect its rights.
In addition to these necessary steps, The Standard Bank of South Africa Limited (“Standard Bank”) would like you to set up a redirect to the Anti Phishing Working Group (APWG) Phishing Education Landing Page at http://education.apwg.org/r/en instead of serving a 404 message or other error page when you disable a phish site. The APWG Public Education Initiative (PEI) has created a webpage to educate users about phishing. The page specifically explains that they have just fallen for a phishing communication (email or otherwise) and talks about ways they can avoid being victimized in the future. If you wish to learn more about how to set up the redirect, please read here: http://education.apwg.org/r/how_to.html.
- We also request that you please provide us with a tar/zip file of the source code of this site so that we may analyze it to help prevent further attacks. If any customer data has been captured, we also ask that you send us that data so that we may notify our customers that they have been defrauded and cancel/reissue their credit cards. We understand that you may not be aware of this improper use of your services and we appreciate your cooperation.
- If you need further information please do not hesitate to contact us, as follows:
7.1 RSA Anti-Fraud Command Centre
Tel: +44 (0)800-032-7751 (UK)
Tel: +1-866-408-7525 (US)
Fax: +972-9-9728101 (EU)
Fax: +1-212-208-4644 (US)
E-mail: afcc@rsasecurity.com
7.2 Standard Bank – Information Security
Name: Jock Forrester
Address: 5 68 Grayston Drive
Tel: +27-071 854 2330
E-mail: Jock.Forrester@standardbank.co.za
*”Phishing" is an e-mail scam that attempts to trick consumers into revealing personal information, such as their credit or debit account numbers, checking account information, Social Security Numbers, or banking account passwords, through an imposter’s website or in a reply e-mail.
