Phishing page steals prepaid debit card account information

Many people don’t have a regular or a big enough income to receive a debit card, but would still like to have one since it can be really handy when settling bills or shopping online. The answer to this problem? Prepaid debit cards.

The good thing about this option is that if your card information is stolen and misused by cyber criminals, the monetary loss is limited to the (usually) small amount of money you have on your account.

Since these cards are regularly used by low- to mid-income citizens, who really can’t afford to lose even that amount, Symantec‘s revelation that there are phishing sites out there that are posing as the main website of a well known prepaid debit card service will provide an almost lifesaving warning.

The phishing site notifies the users that their account has been limited, and requires of them to enter the following confidential information in order to re-activate the account:

The inserted data is now in possession of the fraudsters behind this scheme, and it can be used to clean up the account.

The pages’ URL is randomly changed to avoid anti-phishing detection, but they are hosted on the same set of IP addresses. The page always looks the same. According to Symantec, the attack method was prominent during the first half of May, but users should still – and always! – be careful.