Users Considering “Secure Messages” from Bank may Land on Phishing Web Page
Security firm TrendLabs cautions that a new surge of phishing e-mails are forcing into the inboxes of customers of Standard Chartered Bank. The spam e-mail tells recipients that they must make access to their Internet banking accounts as well as view the Secure Messages portion for perusing a particular notice. The text of the e-mails also contain a Web-link that if hit, takes the user onto a phishing site.
TrendLabs says that the scammers realize that one basic term with which they can induce users to follow their malicious link is "SECURE." These criminals spoof some genuine e-mail ID in the "From" space, but many users hardly care to check out such addresses.
Moreover, the security researchers at TrendLabs, while commenting on the ploys the scammers have employed within the current e-mail scam stated that phishers continue using fake login pages as a standard medium of attack. For, phishing assaults of the same kind through spam mails have emerged earlier too.
In February 2010, TrendLabs, with the help of an anti-phishing source, catering services to the company, identified a phishing website simulating the secure login section of CenturyLink's website. Besides, during May 2009, phishing e-mails also targeted people who used the Citi Prepaid Services. Just like the Standard Chartered Bank incident, those messages directed recipients to follow a given Web-link that actually led them onto a phishing site.
While this is a traditional tactic, according to the security researchers, customers who go to the spoofed site may still unknowingly give away their online banking details to fraudsters desperately waiting. Therefore, it's advisable that users always maintain caution with e-mails of this type, especially with links that may be embedded in the messages.
In addition, users who access their Internet banking accounts must keep in mind that they should not click on Web-links provided in an e-mail. Rather, they should enter their bank's URL address straight into personal Web-browsers for accessing that bank's site. Likewise, Standard Chartered Bank reiterates to its customers that they must be aware of the risks pertaining to online threats, which also means that of phishing attacks.
Related article: Users Making Opening Online Accounts To Identify Thefts
» SPAMfighter News - 27-04-2010