In addition, customers of smaller banks may not be as experienced in
with such scams, said Rod Rasmussen, director of operations for
Tacoma, Wash.-based Internet Identity, which helps banks and other online-fraud targets combat phishing Web sites.
Phishers hope they can "hit the mother lode with a small
bank that's communicating with their customers in a way that makes them
more susceptible ... than maybe they should be,"
_____Recent Phishing Articles_____
Technology Fueling Wave of Phishing Scams (washingtonpost.com, Jan 18, 2005)
It's Been a Day-to-Day Battle With Intruders (The Washington Post, Dec 26, 2004)
Companies Forced to Fight Phishing (washingtonpost.com, Nov 19, 2004)
How to Fend off Phishing (washingtonpost.com, Nov 18, 2004)
Phishing Feeds Internet Black Markets (washingtonpost.com, Nov 18, 2004)
Online criminals also are beginning to trade and sell lists of e-mail
lists of known bank customers. In a little-known online chat channel
to credit card fraud and identity theft, one recent poster advertised
an e-mail address list of customers of Washington Mutual, a regional bank
based in Seattle that serves customers in 14 states.
The company did not respond to repeated requests for comment. But
say that if the e-mail lists are accurate, the people selling them
most of the addresses from previous victims.
"In a lot of ways, phishing is nothing more than illegal direct
if you're a really clever criminal you will find ways to target your
Madelyn Valdes, 46, of the Bronx, N.Y., learned she'd been the
victim of a phishing scam targeting Washington Mutual customers when her checking account was
emptied of $900.
The scammers had used her checking information to open up a new
Paypal account, and then wired the money to another location. Valdes
said the thieves also tried to use her account information to buy
hundreds of dollars worth of women's shoes online.
"I was about to send my rent check but now I can't do anything,"
she said. "I'm totally broke."
Banking on Technology
Some smaller banks have taken defensive steps to block phishers, such
as declining to communicate with their customers via e-mail, or
temporarily shutting down portions of their online banking sites once a
scam has been identified.
Other regional banks, however, are warming to technologies adopted by many large financial institutions. Sovereign Bank, which
maintains branches in seven northeastern states, was first targeted on Oct. 29, and then again one week later.