IMGCAP(1)]
New Internet users present an opportunity for fraudsters to obtain sensitive personal information through phishing scams, according to Dan Clements, vice president at Trumbull, Conn.-based security company Affinion Group Inc. With phishing, criminals attempt to steal consumer payment information by posing as legitimate institutions in e-mail messages. "People forget there is still a certain percentage of the population not using online banking and are new to the Internet," Clements tells CardLine. But phishing scams dupe even seasoned Internet users. On Aug. 7, one of Affinion's security divisions uncovered the records of approximately 300 consumers on a server fraudsters use to store stolen information. CardLine was able to view the files, which included full names, mailing addresses, credit card numbers, card-security numbers, birth dates, mother's maiden names, e-mail addresses and e-mail passwords. Between 100 and 200 consumers were users of Apple Inc.'s .Mac and MobileMe online services. When Affinion alerted victims to the problem, the company discovered many were "sophisticated" Internet users. "Some of them will admit they were phished, and some of them won't," Clements says. The phishing e-mails were "well-crafted" but contained some errors in grammar, Clements says. Fraudsters tied the phishing scam to the launch of MobileMe last month, Clements says. "The attackers prey on special events, and it increases the success rate of phishes," Clements says. Apple is aware of the attack, he says. Apple did not respond to CardLine requests for comment.
