You may have heard of phishing scams. Generally it is a malicious piece of code that hijacks legitimate sites and redirects them to another portal. Recently, my media studies site for students at http://istudymedia.com was hacked.
The scammers redirected customers of FNB Bank to a bogus front page on my site, where they had created an exact copy of the online banking page for FNB. Customers fooled by the re-direct would have logged in with their password and user name. However, the password and login details went directly to the hard drive of a scammer and not the actual bank.
I was alerted to the phishing scam by FNB Bank who sent me a rather curt email to remove the code. On investigation I saw why they were so upset.
The screen shot above is how the bank site looked to its customers but it is actually being re-directed through the istudymedia site to somewhere in cyberspace. The media site merely acts as a conduit for the scam. Only those who checked the address bar would notice they had been redirected. Most people would be fooled. Phishing scams are common and it is annoying when your website gets hijacked but it is much worse for banking customers who risk having their savings drained from their account.
It is a timely reminder of how you should always double check the web address when you do your banking or any online transaction. It is also highlights the importance of keeping web sites secure. There are many people out there who want your money and they don’t care how they get it – don’t let it happen to you.