Fraud Phishing

Recently one of the biggest private bank in Indonesia, Bank Niaga -part of CIMB Group, and one of biggest state bank in Indonesia, Bank Bukopin, attacked by phishing for their internet banking service. Here is the detail of what happened:

1. Bank Niaga and Bank Bukopin cooperate with bank2home (pacomnet) to outsource its internet banking services.
2. There are some hacker who perform a social engineering process by redirecting the link using fake link as below:

http://secure.bank2home.com.cn/ib-niaga/Login.html
http://secure.bank2home.com.cn/appbukopin/

Compare to the original link that using https and no addition for .cn domain.

In computing, phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. eBay, PayPal and online banks are common targets. Phishing is typically carried out by email or instant messaging,[1] and often directs users to enter details at a website, although phone contact has also been used.[2] Phishing is an example of social engineering techniques used to fool users.[3] Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical measures.

source: wikipedia.org