raj2001
03-08-03, 09:12 PM
http://www.chron.com/cs/CDA/story.hts/business/1809408
EarthLink says it blocked identity-theft scam
Reuters News Service
WASHINGTON - Internet provider EarthLink Inc. said it had blocked an apparent identity-theft scam that sought to collect credit-card and bank-account numbers from its customers.
Many EarthLink subscribers recently received an email message urging them to resubmit their personal information or face termination of their accounts, due to a "recent system flush."
Users who clicked on a link found themselves at a Web site, www.el-network.net, that asked them for their name, address, credit-card and bank-account numbers, as well as personal information such as mother's maiden name and birth date.
The site featured EarthLink's logo and and links to EarthLink customer pages.
An EarthLink spokesman said the site had been blocked this morning and the company was investigating the situation. Users who submitted information received a message that said the account had been terminated.
According to domain seller Register.com, the Web site was registered to an address in California, but an EarthLink official doubted the person behind the scheme lived there.
"I think that just about anybody that's going to do this is not going to make the mistake of registering the domain name under their real information," said EarthLink Chief Privacy Officer Les Seagraves.
This particular Web site was registered using a foreign e-mail address that had been used to set up similar operations in the past, Seagraves said, and the company has filed a suit to find out who is behind that e-mail address.
The message resembled similar schemes that have targeted customers of America Online, eBay and PayPal, according to one computer security expert. Such scams prey on less-experienced computer users who are reassured by familiar logos copied onto the site, said security consultant Richard M. Smith.
"It's not super-common, but it's becoming more common," Smith said.
AOL spokesman Nicholas Graham said so-called "billing scams" are an unfortunate fact of cyber life. "They're like the nasty colds and flus of the Internet."
Consumers should be wary of such e-mail requests, EarthLink's Seagraves said, as Internet providers would not ask for sensitive information via e-mail, or lose it in the first place, a notion seconded by Graham.
EarthLink has blocked its customers from reaching the site, Seagraves said.
U.K. firm Cut and Paste Scripts, whose free automated forms were used on the bogus Web site, stopped traffic from the site after it received notice that it might be fraudulent, a spokesman said.
Smith said the Web site was hosted by Metromedia Fiber Network Inc. in New York, while data submitted to the site ultimately ended up at New Jersey hosting firm DataPipe. Neither company responded to requests for comment.
EarthLink says it blocked identity-theft scam
Reuters News Service
WASHINGTON - Internet provider EarthLink Inc. said it had blocked an apparent identity-theft scam that sought to collect credit-card and bank-account numbers from its customers.
Many EarthLink subscribers recently received an email message urging them to resubmit their personal information or face termination of their accounts, due to a "recent system flush."
Users who clicked on a link found themselves at a Web site, www.el-network.net, that asked them for their name, address, credit-card and bank-account numbers, as well as personal information such as mother's maiden name and birth date.
The site featured EarthLink's logo and and links to EarthLink customer pages.
An EarthLink spokesman said the site had been blocked this morning and the company was investigating the situation. Users who submitted information received a message that said the account had been terminated.
According to domain seller Register.com, the Web site was registered to an address in California, but an EarthLink official doubted the person behind the scheme lived there.
"I think that just about anybody that's going to do this is not going to make the mistake of registering the domain name under their real information," said EarthLink Chief Privacy Officer Les Seagraves.
This particular Web site was registered using a foreign e-mail address that had been used to set up similar operations in the past, Seagraves said, and the company has filed a suit to find out who is behind that e-mail address.
The message resembled similar schemes that have targeted customers of America Online, eBay and PayPal, according to one computer security expert. Such scams prey on less-experienced computer users who are reassured by familiar logos copied onto the site, said security consultant Richard M. Smith.
"It's not super-common, but it's becoming more common," Smith said.
AOL spokesman Nicholas Graham said so-called "billing scams" are an unfortunate fact of cyber life. "They're like the nasty colds and flus of the Internet."
Consumers should be wary of such e-mail requests, EarthLink's Seagraves said, as Internet providers would not ask for sensitive information via e-mail, or lose it in the first place, a notion seconded by Graham.
EarthLink has blocked its customers from reaching the site, Seagraves said.
U.K. firm Cut and Paste Scripts, whose free automated forms were used on the bogus Web site, stopped traffic from the site after it received notice that it might be fraudulent, a spokesman said.
Smith said the Web site was hosted by Metromedia Fiber Network Inc. in New York, while data submitted to the site ultimately ended up at New Jersey hosting firm DataPipe. Neither company responded to requests for comment.