The domain where the website is hosted can always give away its true identity

Oct 19, 2011 13:43 GMT

The safety of your personal savings account is again put to the test by hackers who devised a fake AOL Billing Center that requires the user to supply tons of sensitive data.

According to Zscaler Research, a website that offers supposedly free services links you to a place that greets you with a message about how they're working hard to make AOL better.

“We've worked hard to help make America Online even better! However, we have to ask for a NEW credit card so we can update your Billing information. Please be advised this is manditory. If we do not get your updated Billing information, your account will be voided and cancelled,” reads the first message.

Of course, the message claims the whole operation is meant to “keep your billing information safe and secure” and that “only authorized AOL Staff members will use this information!”

After hitting the OK button, the victim is taken to a form page that asks for all sorts of details including card owner's name, address, card type, number, expiration date and bank name. By completing the form, the victim practically hands over his bank account to the mastermind behind the operation.

The researchers reveal that once the form is submitted, the page sends a POST request with all the data to a Yahoo email address that probably belongs to the perpetrator.

The page is filled with references and links that point to genuine AOL locations, but a number of clues give away its true identity.

This example is clearly a hoax, as no AOL service would be hosted on a website called “angelfire”. Unfortunately, there are some even more clever attempts that perfectly reproduce official sites with the purpose of phishing the bank details of unsuspecting internauts.
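The clues described above (genuine AOL links on a page hosted somewhere else, and card data delivered to an email address) can be checked mechanically. The following Python check is an added example, not code from Zscaler or from the original article; the sample page, its host names and the hidden `recipient` field are constructed, and the way the real form delivered its data to the mailbox is an assumption.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import re

EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
CARD_RE = re.compile(r"card|expir|cvv|bank")

class PageScan(HTMLParser):
    """Collects link hosts, form delivery targets and visible field names."""
    def __init__(self):
        super().__init__()
        self.link_hosts, self.targets, self.fields = [], [], []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a":
            host = urlparse(a.get("href") or "").hostname
            if host:
                self.link_hosts.append(host.lower())
        elif tag == "form":
            self.targets.append(a.get("action") or "")
        elif tag == "input" and (a.get("type") or "").lower() == "hidden":
            self.targets.append(a.get("value") or "")  # form-mailer recipient
        elif tag == "input":
            self.fields.append((a.get("name") or "").lower())

def on_domain(host, domain):
    return host == domain or host.endswith("." + domain)

def phishing_clues(page_url, html, brand_domain):
    """Return the list of warning signs found on one fetched page."""
    scan = PageScan()
    scan.feed(html)
    host = (urlparse(page_url).hostname or "").lower()
    clues = []
    if (any(on_domain(h, brand_domain) for h in scan.link_hosts)
            and not on_domain(host, brand_domain)):
        clues.append("brand-links-on-foreign-host")
    if any(t.lower().startswith("mailto:") or EMAIL_RE.search(t) for t in scan.targets):
        clues.append("form-data-sent-to-email-address")
    if any(CARD_RE.search(f) for f in scan.fields):
        clues.append("collects-card-data")
    return clues

# Constructed sample page (not the real phishing page); all hosts are placeholders.
SAMPLE_URL = "http://members.freehost.example/billing/index.html"
SAMPLE_HTML = """<a href="http://www.aol.com/">AOL Home</a>
<form method="POST" action="http://formmailer.example/send">
<input type="hidden" name="recipient" value="collector@mail.example">
<input type="text" name="cardnumber"><input type="text" name="expiration">
<input type="text" name="bankname"></form>"""
```

Calling `phishing_clues(SAMPLE_URL, SAMPLE_HTML, "aol.com")` reports all three clues, while a card form served from the brand's own domain with a relative form action reports only that it collects card data.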

Lately, cybercriminals are impersonating all types of legitimate companies in their operations, which is why in many cases it's difficult to tell a real message from a fake one. That's precisely why you should be very skeptical when faced with an alert that seems to be coming from someone you know and trust.