Cyberscams exploit consumers' financial unease

SAN FRANCISCO -- The rippling financial crisis has sent consumers scurrying to the Internet for answers and advice. Online fraudsters are right behind, devising ways to steal personal information.

Cybercrooks are creating fake websites, spam, phishing attacks and malicious software code to take advantage of anxiety during the economic calamity. Like other extraordinary news events, the crisis has heightened fears and made people desperate for information, say computer-security experts.

"It's a new spin on old tactics," says Andre Gold, an independent security consultant who formerly was head of information security and risk management at ING.

One example is an e-mail that appears to come from Chase. It asks customers to go to what is purportedly a Chase website, but is a fake, and provide personal information, such as user ID, password, name, address, phone number and Chase credit card number.

Phishing attacks on Citigroup soared shortly after it announced its intention last month to acquire struggling Wachovia, according to Internet researcher Netcraft.

•Fake websites. Many of the phishing attacks advise bank customers to follow links for websites and update their personal data. The sites are fakes, designed to trick victims into divulging their user name, password and more.

"People's life savings are at risk," says Andy Klein, an e-mail expert at security vendor SonicWall. "Many are especially antsy because they haven't heard from their merged banks yet."

•Targeted malware attacks. Concern about targeted cyberattacks was a major topic among representatives of leading U.K. banks at a London conference this month, says Eisen, who attended.