I just received the following email. It appears to have been sent by a certain bank in the United States (partially edited).
As a XXX banks customer, your privacy and security always come first. We have been dedicated to customer safety and protection, and our mission remains as strong as ever.
We inform you that your XXX banks Internet banking account is about to expire. It is strongly recommended to update it immediately. Update form is located here.
However, failure to confirm your records may result in account suspension.
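But I don't have an account at this bank. So I searched Google for XXX Bank, and it turned out that it seems to be a genuine US bank. Its website carries the notice "© 2008 XXX Banks, Inc. All rights reserved. Member FDIC. Equal Housing Lender. XXX BANK is a registered trademark of XXX Banks, Inc.", which also matches the email.
However, when I looked at the PROTECT YOURSELF page on that site, I found this: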
Phishing involves the use of fraudulent email or browser pop-up messages that appear to be from a legitimate source, often using a company name, logo and/or graphic. A typical scam consists of:
- Receipt of an email message stating you need to update or validate your account information.
- The message suggests a dire consequence, such as your online access expiring or being suspended, if you do not respond.
- Via a link in the message, it directs you to a Web site that looks legitimate, but is not.
THE INTENT IS TO TRICK YOU INTO DIVULGING YOUR PERSONAL INFORMATION, such as your account number, social security number, User ID or Password so they can commit crimes of a monetary nature or identity theft. It may also be an attempt to deliver and install malicious code (malware) that can harm your computer.
Reporting a fraudulent email
If you receive a suspicious email that appears to be coming from XXX Bank, please forward a copy of the suspicious email to XXX@xxx.com. If you discover a potentially phony XXX Web site, please forward the Web address (url) to XXX@xxx.com.
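This is exactly the content of the email I received. So does that mean this is what a real phishing scam looks like?
So, following XXX Bank's warning, I forwarded the suspicious mail I received to the address above. But if XXX Bank itself were a fictitious entity and the website I was looking at were also an elaborate fake, then I would have played right into the enemy's hands... and so I ended up not knowing what to believe at all. It was an incident that made me realize anew that the Internet is a virtual world.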