The scam works by sending email users a message purporting to be from a bank welcoming them as a customer and claiming that they are the beneficiary to funds from the Alliance Security and Finance Company in Amsterdam.
Security firm Websense warned: "The email includes a URL to the bank and a username and password to log into their "account." Upon accessing the bank website, an option is provided to log in to this bogus account with the bank, using the login information provided in the email. When the user logs in, the account information is displayed, along with a balance of more than $9 million."
The website then requests that the user transfer the funds to their own bank account, and requests that details of that account be entered in order to perform the transfer. This is very similar to the Nigerian scams that have been around for some time now. The phishing site appears to be hosted in the U.K.
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
