Archive for February, 2005

Snowy Britain

February 22nd, 2005

Snow falling on Big Ben

The Guardian today has a wonderful series of ‘look how bad the snow is’ photos… I just find it amusing how, compared to the huge snow banks here in Canada, the UK almost comes to a standstill whenever there’s a flurry.

Lloyds TSB Attacked by Phishing Scam

February 4th, 2005

Look what landed in my inbox this morning:

Lloyds TSB - header image from spoof email

We’ve all heard of the online banking fraud that goes on, but I hadn’t seen such a blatant example still live on the web until today. As part of the Rising Tide server switch, I’ve had to temporarily alias a couple of mailing list subscribe / unsubscribe address to my own email account, and I got a spam email to one of them this morning. To me it was immediately apparent that it was a fake, but it’s easy to see how a large number of non-technical internet users are drawn in by these extremely realistic looking scams.

Check out these screen shots:

The real Lloyds TSB online banking site.
The fraudulent site.

My first reaction was to check out the domain name the fraudsters were using — lloydstsb-bank.biz — turns out it’s registered through the New Orleans Leftover Data Center, a rather dubious company who I’ve come across before – they bought up theyellowhouse.info, the domain name for a site about eco-housing one of my colleagues made (now located at www.theyellowhouse.org.uk) when he accidently missed a renewal payment. Even though the site was part of a non-profit doing some really great work, they refused to even consider selling it back.

They didn’t answer their phone, so I emailed them to tell them they really should pull that domain name off the web, and I then called Lloyds TSB online… turns out they already knew about the fraud, and are trying to get it shut down, but at the time of writing this the fake site is still live. I won’t link to it though, that would be stupid.

I doubt Lloyds will make public how many accounts are compromised, but I know there will be some. It is sad the lengths some people will go to driven by greed. (Put it this way, I doubt the perpetrators were planning to donate the money to OCAP.)

Update: It gets better. I had a look in more detail at the site, and – can you believe it? – they’re pulling all the images and the css straight off the real Lloyds TSB site! Not only are the scammers trying to rip off customer details, but Lloyds TSB are paying for most of the bandwidth! Incredible. I called them up again to let them know that they could simply and easily make the fraudulent site look, well… not so much like Lloyds TSB online anymore. By simply changing the names of the images they use on the real site, and maybe replacing the old image with a different image of the same name that would then be served as part of the fake site… “This site is a fake – don’t enter any of your online banking information” ought to do it. Or even more simple – just swap out the css file and replace it with:

body { display: none; }

Personally I’d probably go for a more creative edit ;-)

Of course their tech department closed at 5pm UK time and the poor people on the Internet Banking helpdesk don’t have access to do that kind of thing. I’ll check the fake site again tomorrow morning – hopefully it will look a little different!



  • Search
  • You are currently browsing the matthewcarroll.ca archives for February, 2005.

  • Meta

  • Old Browser

    It seems you are using an old web browser (e.g. Internet Explorer 5 or below). This is a security risk to you, since Microsoft no longer releases updates for old versions of Internet Explorer. Also, note that this site is designed to modern internet standards, and the layout may appear strange or plain in older browsers. All the content is still accessible to you, but I strongly recommend you upgrade to a modern, safe, standards-complient browser, such as Firefox. For more information on getting the best experience surfing the web, see browsehappy.com.