TradeMe users targeted by sophisticated phishing attack
TradeMe says email list didn't come from internal servers
By Paul Brislen | Auckland | Friday, 18 February, 2005
TradeMe customers are being warned of a sophisticated phishing attack that has been launched against the popular online auction site.
A Computerworld reader was surprised to receive an email purporting to be from TradeMe asking for his account details. While most links embedded in the email did match those on TradeMe's own emails, such as those to auxiliary TradeMe sites like Old Friends, the link to the user's details led to a fake site based in the US.
TradeMe managing director Sam Morgan says he has already contacted the American ISP hosting the fraudster's site and it has been removed.
"We haven't heard of anyone being caught by it, but it was definitely sophisticated in its approach."
The email read: "During our regular update and verification of the accounts, we could not verify your current information. Either your information has changed or it is incomplete. As a result, your access to bid, buy or sell on Trade Me [sic] has been restricted. To start using fully your Trade Me account, please update and verify your information." The email included TradeMe's kiwi logo and even its standard disclaimer: "TradeMe will never ask for your password via email".
Morgan says he hasn't bothered the police with the issue, despite the obvious intent to defraud customers.
"The police are very busy and I'm sure they don't want to be bothered by this sort of thing."
However, the national manager for the police e-crimes labs, Maarten Kleintjes, says the police certainly do want to hear about such attacks. Speaking to Computerworld earlier this month after TelstraClear reported an attack on its Paradise.Net servers, Kleintjes said the police had developed ties with other national police agencies to better fight online crime.
Even if the hacker were based overseas, Kleintjes says he can contact the police in that jurisdiction to put in place an action plan. "We are part of the G8 sub-group on high tech crime," he says.
"First of all we move to preserve the evidence, so [police] would be in touch with ISPs over there for server logs and get out the preservation orders."
Morgan says the phish was received by a number of TradeMe customers but he's certain the email information did not come from TradeMe servers.
"We've got no idea how he got those addresses but we're confident it wasn't from us. We've got people who use the service with 5,000 feedbacks about auctions so maybe he's compromised their machine and got the emails that way."
Morgan said TradeMe was preparing a "security centre" page for the website to better educate users about the dangers of such things.
"Given our scale in the New Zealand internet we need to be a bit more on the front foot in terms of educating general internet users about keeping themselves safe."
A TradeMe newsletter has been sent out highlighting the danger of phishing attacks in particular, which aren't necessarily delivered by email, Morgan says.
"People get these things through various mechanisms. They get them directly through email but they also get them through [instant] messaging and all sorts of things."