NEWS CATEGORIES:

NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>

Find us on Google+

Home > News > Security

October 19th, 2011, 13:43 GMT · By Eduard Kovacs

'AOL Billing Center' Scam Steals Credit Card Information

Adjust text size:

AOL never asks for credit card information

The safety if your personal savings account is again put to the test by hackers who devised a fake AOL Billing Center that requires the user to supply tons of sensitive data.

According to Zscaler Research, a website that offers supposedly free services links you to a place that greets you with a message about how they're working hard to make AOL better.

/>“We've worked hard to help make America Online even better! However, we have to ask for a NEW credit card so we can update your Billing information. Please be advised this is manditory. If we do not get your updated Billing information, your account will be voided and cancelled,” reads the first message.

Of course, the whole operation is purposed to “keep your billing information safe and secure” and “only authorized AOL Staff members will use this information!”

After hitting the OK button, the victim is taken to a form page that asks for all sorts of details including card owner's name, address, card type, number, expiration date and bank name.
By completing the form, the victim practically hands over his bank account to the mastermind behind the operation.

The researchers reveal that once the form is submitted, the page sends a POST request with all the data to a Yahoo email address that probably belongs to the perpetrator.

The page is filled with references and links that point to genuine AOL locations but a number of clues give away its true identity.

This example is clearly a hoax as no AOL service would be hosted on a website called “angelfire”. Unfortunately, there are some even more clever attempts that perfectly reproduce official sites with the purpose of phishing the bank details of unsuspecting internauts.

Lately, cybercriminals are impersonating all types of legitimate companies in their operations and that's why in many cases it's difficult to tell apart a real message from a fake, but that's precisely why you should be very skeptical when faced with an alert that seems to be coming from someone you know and trust.

FILED UNDER:

TELL US WHAT YOU THINK:

1,477 hits · 3 comments · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:

Hackers Hide Behind Free Facebook Credits Scams

Phishers Use New Tricks

Smishing Emerges Again, Making Many Victims in Seattle

Millions Stolen Through Internet Retail Scam

READER COMMENTS:

Comment #1 by: Eric on 19 Oct 2011, 19:47 UTC	reply to this comment
Odd, to pick AOL of all things to scam, considering I view AOL as a scam to begin with...

Comment #2 by: Bob on 04 Dec 2011, 15:00 UTC	reply to this comment
My request for personal information from "AOL Billing Center " showed up today 12/4/11. Other than sending it to span , is there some other agency I should report this incident to ?

Comment #2.1 by: Eduard Kovacs on 06 Dec 2011, 06:56 GMT

Spam emails can be reported to the ISP it originated from, but it's no easy task and it's not always efficient. There are however a lot of websites, including Softpedia, that write about these things to raise awareness. Sites that monitor and write about spam and other dangerous emails will in most cases put the information to good use.

SUBMIT PROGRAM \| ADVERTISE \| GET HELP \| SEND US FEEDBACK \| RSS FEEDS \| UPDATE YOUR SOFTWARE \| ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved. Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.	Copyright Information \| Privacy Policy \| Terms of Use