FRAUDSTERS are attempting to con people who have just set up accounts with
online service provider CompuServe into revealing their bank account details,
credit card numbers and log-on passwords.
While New 杏吧原创 has not yet heard of anyone suffering financial
loss as a result of the scam, CompuServe admits it is powerless to stop the
practice.
The scam came to light when a New 杏吧原创 reader became suspicious
over an e-mail message soliciting personal information. CompuServe offers anyone
a free month鈥檚 trial, on condition that they provide credit card or bank account
details. A few days after they have set up their trial account, some subscribers
have received an e-mail that purports to come from a CompuServe accounts
manager. The message says there are 鈥減roblems with your account鈥 and asks for
all financial and log-on details, all over again. But anyone who e-mails their
details is sending them to criminals.
Advertisement
Martin Turner, CompuServe UK鈥檚 managing director, acknowledges that 鈥渘ew
users are bombarded with spam鈥. Asked if he was was aware of the financial
details problem, Turner replied: 鈥淵es. I am aware of the problem. We can鈥檛 stop
people sending e-mails. There is nothing we can do to stop it. This is not the
蹿颈谤蝉迟.鈥
He adds: 鈥淭here is nothing we can do to stop fraudsters doing this, but our
security group tries to track them down. There are some pretty shrewd characters
out there 鈥攖his is fraud.鈥
In a statement, CompuServe says that 鈥渧ery few CompuServe subscribers are
ever victims of fraud鈥. But it has not been able to quote a single case of a
prosecution.
Rachel O鈥橬eil, a spokeswoman for CompuServe鈥檚 parent company, America Online,
admits that fraudsters send its users requests for billing details鈥攕he
even received one herself. But they go to all subscribers at random, while the
scam directed at CompuServe users is cleverly targeted at novices, who are less
likely to know that it is unwise to reply.
One possible way that the fraudsters could find new users鈥 names is by
checking CompuServe鈥檚 Member Directory. But the subscriber who contacted New
杏吧原创 was not listed in the directory, so the fraudster must have got
their target address some other way.
Unlike most service providers, CompuServe gives its users numbers, rather
than names, even though names can be added as an alias. So fraudsters do not
have to try and predict names. Instead, they could sign up for a free trial,
note the number they were allocated, and try to use this to predict the next
batch of numbers due for allocation. They could then send the scam e-mails to
these numbers.
The fraudster would then be able to close their trial account and use the
details sent back by a genuine user to set up another.
CompuServe refuses to discuss how its numbers are allocated and whether they
are predictable. It will only say that it tries to 鈥渁void providing addresses
that can be easily identified鈥.
The company says that its new service, called Compuserve 2000, which is due
to launch next year, will have enhanced spam control.