Friday, 8 July 2016

Irish Water phishing attacks on customers

Wexford-based ESET Ireland’s cyber security experts are reporting a new surge of phishing emails that try to scam Irish users out of money. While scams abusing the names of known Irish banks are still doing the rounds, the two latest scams are particularly prominent.

The first appears as an email purporting to come from Uisce Éireann/Irish Water. It is equipped with all the correct visuals and states:
“Irish Water is performing the annual account maintenance procedure. Please login to your account and complete the requested actions. Once logged in you will be guided to the rest of the process.”

The link takes the victim to a faked Irish Water website, hosted on an Israeli domain, where, after “logging in”, a pop-up appears with the message “Please update your information and continue to your account,” which requires the debit or credit card information to be handed over.

The second one appears to be a re-run of an earlier scam that targets Electric Ireland users. The email says “Your Electric Ireland REFUND NOTIFICATION is now available to view, please click here to log into online billing and view your refund status” and adds a call to action by stating that the refund will only happen a few days from now, so that the potential victim acts impulsively:
“Your notification issue date is: 07 July 16, Your REFUND amount is: EUR 98.04, Refund period: 07 July - 09 July. This amount is now overdue please arrange payment details. An easy way to complete your refund is by Irish debit card.”

In this case, the link also leads to a faked Electric Ireland website, this one on a Romanian domain, where after “logging in” a screen explains the “refund” and also asks for credit or debit card details.

In both cases, the victim is phished into handing the cyber criminals not just their credit or debit card details, but also the login details for their Irish Water or Electric Ireland accounts, which could then be abused even further.

ESET Ireland recommends that Irish users not click on any of the links in these fraudulent emails, but instead flag such emails as spam. Also pay close attention to whether the website's address uses the https secure connection, to spot fraudulent websites.

An Garda Síochána also recommends that cybercriminal activities like these, if spotted, be reported at the local Garda station, so that law enforcement procedures against the scammers can be initiated.