Phishers have added a new lure to their tackle boxes: e-mails that ask people to fax sensitive information to bogus security investigators.In a new scam, attackers are sending e-mail warnings that appear to come from PayPal, security specialist Sophos said Wednesday. These e-mails say that someone tried to reset the recipient's password and asks him or her to participate in an investigation.
The e-mails direct people to a Microsoft Word document hosted on a Web site and urges them to download the form, fill it out, and fax it to a toll-free number, Sophos said. The form asks for credit card information.
The new tactic comes as people are becoming more suspicious of e-mails asking them to fill out sensitive information online, said Graham Cluley, a senior technology consultant for Sophos.
=>
click here for more info