Phishing Scam with ‘Irregular Activity’ Targets Customers of RBS

Softpedia.com reported on 26th November, 2013 quoted a warning by experts: "Customers of Royal Bank of Scotland (RBS), headquartered in Edinburgh, Scotland are advised to be careful about bogus emails which inform recipients of irregular activity on their accounts."

The scam emails entitled "RBS - 1 New ALERT Message" addressed the email recipient as 'Dear Valued Customer', and tells him that the Bank observed irregular activity on his Debit Card of RBS. For the customer's personal safety, it is desired that he passes the certification questions accurately as the main owner before the Bank can once again open his debit card for being used. He is told that the Bank shall review all the activities on his account thereby removing all restrictions that have been currently imposed. He is asked to click to be able to reach his account.

Actually, RBS wasn't the email sender. It was a stereotypical phishing scam to dupe RBS customers of their personal as well as financial details by cybercriminals.

Those who get tricked and follow the instructions are sent to a bogus website which looks like genuine log-in page of RBS.

Once they enter their details on that bogus page, customers might be sent to another web form which asks for details of cards and other fiscal information. Scammers can collect all these details and may be used to compromise the victim's RBS account as well as credit card scams.

Security experts analyzing the ongoing scam note that phishing is an extremely common scam targeting users of fiscal institutions all over the world. You should be cautious of any message asking you to click on a link (as in the above case) or for opening an attachment to correct an account problem or confirm your identity which is a very usual phishing plot.

Meanwhile, similar phishing emails have been sent to the clients of other financial institutions in the past as well. For example: scammers were targeting customers of ANZ (Australia and New Zealand) Bank in July 2013 with fraudulent emails asking them to update their account information. The email said it's a necessary and failing to update it shall lead to suspension of service.

» SPAMfighter News - 12/3/2013