Sweden

Once upon a time they had an excuse.

Get It Try It

Once upon a time they had an excuse. Back in the days before the Øresund Bridge. The bridge that united Sweden with Danmark and the continent. It was OK to be isolated then - it was even cool.

But the bridge changed that - and so did membership in the EU and so did something called the Internet.

And Swedes are a smart people, even though they hang onto Mamma Microsoft's skirt hems for dear life. So all things considered they shouldn't be as stupid as everyone else when it comes to phishing. After all, they do surf to English language sites online and keep abreast of news in the world, don't they?

Seemingly not. Formerly state owned Nordea Bank got hit this morning by another grandiose phishing expedition and already they're counting the losses in the millions.

Dear customer!

A bogus electronic mail message has been sent to people in Sweden in the name of Nordea Bank. If you have received this bogus message we encourage you to remove it from your computer. If you clicked on the link in the message you should update and run your antivirus program.

Nordea Bank never send messages asking for code numbers, credit card numbers, or other sensitive information.

If you have submitted your social number, personal code, or one time code you should contact our Internet support line at 020 - 42 15 16 (07:00 - 23:00 seven days a week) or our customer centre at 0771 - 22 44 88 (08:00 - 20:00 weekdays).

It should be pointed out that Nordea's instructions for protecting oneself from phishing expeditions in the future completely assume use of Microsoft Windows.

An SSL encrypted session is started when you surf to our Internet service login page. Already on this page you can make sure you are communicating with us.

• Right click in the middle of the page and choose 'Properties'.
• Click on the Certificate tab and make sure the certificate is issued by VeriSign.
• Make sure the certificate is issued to gfs.nb.se.

So how convincing was this phishing message?

Good day dear customer!

The summer of 2006 has been one of the worst for illegal operations. Confidential information about our customers is becoming more and more interesting for criminals. Many turn to us because we protect their accounts against loss of funds.

Because of the above Nordea Bank have declared next month Anti-Fraud Month. Before 1 September all our customers must activate the new account security system, a system we've worked very hard to improve. It's been checked by specialists in electronic commerce and all independent experts have attested to its thoroughness in combatting fraud. Because these details can be used by criminal elements we do not piblish [sic] them in public channels.

You have been chosen at random as a participant in the final tests of the system. We ask you to click on the link to http://app.nordea.se/login/security.html and through your usual login to Internet banking activate the new security system. For the time being you will notice some features still missing as you work. We are aware of this and therefore ask you to not inform us of issues you encounter - we're already taking care of them.

We remind you that starting in September you will be required to use the new security system - otherwise access to your account will be blocked until your complete personal identification is processed. We therefore advise you to start using the new security standards as soon as possible.

Regards,
Nordea Anti-Fraud Dept

2.3 Million

'We have 2.3 million Internet banking customers in Sweden', says Nordea's press secretary Boo Ehlin. 'About 100 fell for the trick - between SEK two and four million swindled. That's not a lot of money in the bigger picture but for those who were swindled it's very serious indeed.'

Maybe someday soon Sweden will built a cultural Øresund Bridge with the rest of the planet.