Cybercriminals Targeting NatWest Bank in Latest Phishing Campaign - Experts

Cyber crooks in their latest phishing email campaign are attempting to embezzle the login details of UK-based NatWest Bank customers, warned security experts, as published by softpedia.com on April 16, 2015.

The email sent is simple asserting that the processing of an incoming payment is being delayed due to undisclosed fallacies related to the users account details.

To resolve the problem, the email recipient is told to login into his bank account through a given link and then filling up the forms present on the webpage.

It is unknown what details are being sought on the phishing webpage, but generally, scammers make sure to get hold of all classified details that are crucial to do online shopping in the victim's name. These details include: name as inscribed on the card, number of the card, the card verification value, and the card's expiry date.

According to security experts, the server hosting the maligned site has been traced back to Sankt Petersburg in Russia. The reply address 'inf@nmt[.]com' has no relation with the NatWest bank.

Distancing itself from the ongoing phishing scam, NatWest Bank on its official website explains the modus operandi of phishing. It outlines: phishing is when scammers send fake but convincing looking emails to entice you into disclosing your details on a phony website that bears an authentic look. Scammers employ these essential details to access your accounts for money or may even rob you of your identity leading to identity theft. They can also employ hyperlinks or attachments embedded in these emails as a way to malign your system with malware.

To mitigate phishing email campaigns, the Bank highlights some simple tips including: firstly, thoroughly check the email's subject line. Subject lines like: "System Upgrade", "Security Alert", "Important Notification", should be classified as suspicious.

Also, lookout for emails that tell you to click on hyperlinks or to download an attached file stating that you need to verify your account or password details or your account security details need to upgraded. Opening such emails may lead you to a phishing website where you will be forced to your full details (as in this case).

» SPAMfighter News - 4/23/2015