Customers of Lloyds TSB Bank Attacked by yet another Phishing Campaign
Softpedia.com published a report on 10th August, 2012 mentioning Lloyds TSB Bank's warning to its customers to be cautious about a new phishing email scam which is impersonating the bank and currently targeting them.
Millersmiles.co.uk published a report on 9th August, 2012 stating that the phishing email comes with the subject 'LloydsTSB-Important Update Notification' and addresses the recipients as 'DEAR LLOYDS TSB BANK HOLDERS' and reads: "Your account has been exhibited from our data base due to frequent error on login attempt and hence you are required to fill details of your account correctly to regain access to your online account."
The email asks the recipient to click on a link to proceed further.
The email further says "You have 24 hours to get access to your Lloyds TSB account".
The email threatens the recipient that failure to do so will lead to suspension of their services.
Unlike previous versions where cybercriminals positioned their phishing pages on infected domains, this time they negotiated a website from Bosnia and Herzegovina and changed it to forward visitors to a different site owned by the government of Andorra.
Luckily, the webmasters of the government website might have observed the hijacking of their systems and the webpage placed by the hackers has been detached and the pretentious sub domain has been closed down. This may point to that they are presently working on addressing the security holes which have given access to the hackers.
As a precautionary measure to avoid latest phishing campaign, Lloyds TSB Bank announces on its official website that it will never ask its customers their Internet Bank or card details through email or text message or a link of any website.
Therefore, to lessen the chances of Internauts falling for the latest scam or any similar attack, Lloyds TSB Bank has issued some security tips which include checking the address of the sender. It should be LloydsTSB (email@example.com) or LloydsTSB (firstname.lastname@example.org).
Secondly, the email should contain the last four digits of your account number and lastly, the email will be personalized and will not be addressed as 'DEAR LLOYDS TSB BANK HOLDERS' or something similar.
Related article: Customer’s Data Leaked Out of a UK Loan Website
» SPAMfighter News - 21-08-2012