Experts Warn Customers of NatWest Bank about a Fresh Phishing Campaign

Softpedia.com published a news report on January, 10, 2014 quoting an alert raised by experts as clients of NatWest Bank, based in Bishopsgate, UK, are being targeted in a new phishing email campaign started by heartless cybercriminals.

An illustration of such attack is scammers are sending emails with subject lines that inform them that a new message is waiting for them in their Inbox. The emails purporting to be from NatWest Bank Security Department Team addresses the recipient as 'Dear Value Customer', and says that they have a new message waiting for them in their Inbox. They are asked to click on a link to read the email.

But, the links don't take user to the bank's website instead it takes to a phishing webpage hosted on a hijacked website.

The malicious website looks like the official site and it is without an 'HTTPS' a clear pointer of a scam.

On the phishing webpage, victims are instructed to submit their personal as well as financial details along with their email ID and password. Once the data is submitted, victims are routed to the original NatWest website.

Security experts analyzing the ongoing phishing email suggest some important tips which help in identifying email and reduce the likelihood of being persecuted by such phishing messages. These tips include: primarily, always remember that NatWest Bank will ask your full PIN or password (as in the above case). Secondly, check the title of the message - if it addresses you as 'Dear Customer' or as 'Dear Valued Customer' (as in the above case) or if it is not personalized in any way, then you must get suspicious as it is quite unlikely that phishing message will bear your name.

Additionally, never reply to any unanticipated or doubtful emails and also don't click upon any links or attached files contained in such emails as in the above case.

Moreover, it's not that NatWest Bank has been attacked for the first time. In October, 2012, bogus email purporting to be from NatWest Bank notifying the client that he had been chosen to get a 100 pound gift certificate as a prize for taking part in a 'customer satisfaction survey' were intercepted.

» SPAMfighter News - 1/17/2014