School's PTA Web site hit by scam 'phishing' for data

I think I know one of the guys that got quoted in this news article. I'm not sure, but I think he's related to me. :)

http://deseretnews.com/dn/view/1%2C1249%2C660191694%2C00.html

School's PTA Web site hit by scam 'phishing' for data

Bank logo posted by hackers asked for personal information
By Laura Hancock
Deseret Morning News
EAGLE MOUNTAIN — A Web site formerly used by Pony Express Elementary's PTA became entangled in a phishing scam.
Sometime recently, hackers got access to software that parent Gerald Banks used for www.ponyexpresselementary.org. The hackers posted on the site the logo for Regions Bank, the nation's eighth largest, with offices in 16 states from Florida to Iowa but none in Utah.
"They were trying to get your name, your Social Security number, your Visa debit card number, just as much personal and financial information as they could," said Roger Douglass, another Pony Express parent who spotted the scheme because he works for Blue Coat Systems, a Web security company in Draper.
Douglass routinely looks for phishing schemes at work and found the scheme involving Pony Express Elementary on Wednesday when visiting phishtank.com, an online community where people voluntarily post Web sites they believe have been overtaken by phishers.

The scheme probably was posted on phishtank.com after a member of the Web community received a spam e-mail from people claiming to be bank officials, visited the Pony Express site and found what he perceived was a scam, Douglass said.
"And I recognized it because it's my daughter's elementary school," Douglass said. "So that's kind of what made me go, 'Whoa, wait a second ..."'
Douglass called Banks, who said by Wednesday afternoon he had already taken down www.ponyexpresselementary.org, after receiving notifications about the scheme from the Alpine School District and XMission, the Web site's host.
PTA leaders used the site last year to advertise events at the Eagle Mountain school. It has not been updated since then, Banks said.
"We monitor for these sites constantly, and whenever we see them we act as quickly as possible to contact our customers and even non-customers who might be fooled into entering personal information," said Rick Swagler, spokesman for Regions Bank.
Swagler said such schemes are typically reported to the federal government.
"The bank will never send you an e-mail asking you for personal information or asking you to update information," Swagler said.
The banking industry works together to try to curb phishers.
According to the American Bankers Association, 25,816 phishing Web sites were discovered in November, an increase from previous months.

1 comment:

C. Dog said...

There go your 15 minutes! Pretty cool. Tell your boss to give you a raise or I'll come over there and kick his butt.