Scam Combines Patriot Act FUD With IE Bug

LostCluster writes "CNET, Reuters, and the AP are all reporting this morning about a circulating e-mail scam that claims that people will lose their FDIC bank account insurance because they are suspected of violating the Patriot Act unless they confirm their bank account information with a website. The scammers then use the already documented bug in IE that allows a site in Pakistan to get 'www.fdic.gov' to appear in the URL bar. Where's an MS patch when we really need one?"

Re:Solution

[UnassumingLocalGuy]

And for those of us too cheap to buy a new browser, Mozilla or Firebird will have to do.

Re:Solution

[LousyPhreak]

But the problem is your solutions also requires one of these upgrades.

I would rather recomend this upgrade.

Or if you have a dislike for linux even just this upgrade helps much.

;)

Re:Solution

[Liselle]

I hate to plug Opera twice in the same thread, heh. But if I click on a link like one you mentioned, Opera will throw up a dialog box that says this:

Security warning:

You are about to go to an address containing a username.

Username: www.slashdot.org
Server: www.whitehouse.gov

Are you sure you want to go to this address?

Piece of cake.

The actual text from the mail

[Minus+Five]

Here's the text that prompted me into give away my personal info :)

Important News About Your Bank Account

To whom it may concern;

In cooperation with the Department Of Homeland Security, Federal, State and Local Governments your account has been denied insurance from the Federal Deposit Insurance Corporation due to suspected violations of the Patriot Act. While we have only a limited amount of evidence gathered on your account at this time it is enough to suspect that currency violations may have occurred in your account and due to this activity we have withdrawn Federal Deposit Insurance on your account until we verify that your account has not been used in a violation of the Patriot Act.

As a result Department Of Homeland Security Director Tom Ridge has advised the Federal Deposit Insurance Corporation to suspend all deposit insurance on your account until such time as we can verify your identity and your account information.

Please verify through our IDVerify below. This information will be checked against a federal government database for identity verification. This only takes up to a minute and when we have verified your identity you will be notified of said verification and all suspensions of insurance on your account will be lifted.

http://www.fdic.gov/idverify/cgi-bin/index.htm

Failure to use IDVerify below will cause all insurance for your account to be terminated and all records of your account history will be sent to the Federal Bureau of Investigation in Washington D.C. for analysis and verification. Failure to provide proper identity may also result in a visit from Local, State or Federal Government or Homeland Security Officials.

Thank you for your time and consideration in this matter.

Donald E. Powell
Chairman Emeritus FDIC

John D. Hawke, Jr.
Comptroller of the Currency

Michael E. Bartell
Chief Information Officer

Mozilla

[paj1234]

A lot of people here have suggested Mozilla as a solution. That is a partial answer. But a proper solution has not been implemented yet in Mozilla. See Bugzilla bug 122445, "Spoof prevention: Warn if username/password in link (url) looks like a hostname". The bug has been outstanding for two years now and it's still not been fixed in Mozilla. There is a proposed patch planned to go into 1.7a.

For the full discussion see: http://bugzilla.mozilla.org/show_bug.cgi?id=122445