We’ve examined spam and phishing attacks in non-English languages before, and it appears that Italians aren’t safe from these schemes either. A recent phishing scheme has surfaced with a nearly immaculate Web site duplication. CartaSi, a well-known Italian credit card company, is the latest target.
The circulating email (seen above) alerts CartaSi customers that their account statements are available online and encourages users to log in to “view it, print it and save it to your personal files on your PC.” The link is written out as a CartaSi URL, but when a user clicks it, the browser is redirected to a page hosted on ns1.druti.net, which has been found to be a “Reported Web Forgery.” Unknowing users are tricked into supplying their account information to the cyber-criminals, who can then use the information to gain access to financial statements. These criminals have an eye for detail, as the fake landing page is actually a near-perfect replica of the legitimate CartaSi Web site, as seen below.
The forged site:
And the legitimate CartaSi site:
It seems phishing schemes are getting quite elaborate, and cyber-criminals are taking more time to develop really great fake sites to trick unsuspecting users.