Fresh Phishing Scam Pretending to be Halifax Bank Detected

Security researchers warn about a phishing scam that they perceive impersonates the Halifax Bank, so published softpedia.com dated October 7, 2013.

It maybe noted that Halifax maintains one series of banks within UK while being part of Bank of Scotland.

Captioned as "Halifax Bank: Unconfirmed Payment Notification," the fraudulent phishing e-mails carry web-links, which lead onto a fake Halifax site.

Using payment@online.halifax.co.uk as the sender's id, the e-mails addressing the recipient as "Dear Esteemed Customer," tell that the Internet customer service of Halifax Bank recently found a refund due to be credited to the recipient's account. But the payment valuing 270.58 pounds can't be processed for the crediting since his up-to-date details haven't gotten uploaded to the bank's latest database. Therefore, user requires validating his account so the bank can deposit the sum into his account right away.

Finally, the e-mails end by notifying that the measure taken is mandatory which requires all fields to be entered.

But the notification isn't from Halifax, and if Internauts believe it and follow the web-link they'll land on the fake site that tries to get his financial and other personal details.

Incidentally, there are the formatting, graphics and logos of Halifax on the phony site so it looks real. Victims are further confused via being taken automatically onto the original site of Halifax once they fill up the bogus questionnaire.

Moreover, given the scammers now in possession of the victim's personal details, entered into the bogus site, they can easily compromise his account, withdraw/transfer money as well as carry out other dubious operations, remark security analysts.

However, Halifax Bank posted online through its formal Internet site that it wouldn't ever dispatch its customers any text, e-mail, else web-link requesting for their Internet banking credentials, credit card data alternatively conduction of any test payment. Therefore, such e-mails must just be overlooked.

In the meantime, in another instance of phishers targeting Halifax Bank, during March 2012, customers were told to update their credentials for Internet banking through a given web-link so the bank could add them to its supposedly fresh Internet-banking validation process, those phishing e-mails indicated.

» SPAMfighter News - 10/16/2013