Account Holders of Discover Bank Attacked with New Phishing Email Campaign

Softpedia.com published a report on 23rd December, 2013 quoting security experts saying that card holders of Discover bank, headquartered in Riverwoods, Illinois, U.S. are suggested to be wary of bogus emails asking them to renew their account information.

The bogus Discover emails seem to be from either mailer@discover.com or sender@discover.com with the subject line "Please update your Discover Account".

The links in the scam emails take customers to a well-made Discover phishing website where customers are directed to login with their username and password.

The links of the phishing webpage lead to the genuine website of Discover except for Login button that elicits a command to send the user ID and password to the server of cybercriminals.

Security experts while investigating the ongoing phishing email campaign comment that after handing over the username and password, users are directed to a webpage on the original Discover website.

Experts also said that there are no less than two hacked websites arranged to host the phishing webpage.

Explaining the modus operandi of the scam, security experts highlighted that phishing occurs when an account holder receives a real-looking email (like from Discover in the above case) apparently from a trusted and known company. A message will instruct the recipient to click on a link to an official-looking Website where he or she is asked for personal or account information (as in the above case).

However Discover announces on its official website that it will never send its customers any email which requests them to reply directly via email with any personal information like username, password, account numbers, cardmember ID (CID), expiry date of Card, date of Birth and Social security number.

If you receive an email claiming to be from Discover which you suspect to be fraudulent, call DISCOVER on its help line number or email at emailwatch@discover.com immediately.

Moreover, like Discover Bank in US, the Royal Bank of Scotland (RBS) based in Edinburgh, Scotland too was recently targeted by cyber crooks with massive phishing email campaign. The emails purporting to be from the bank claimed that the bank had noticed irregular activity on debit card of the recipient.

» SPAMfighter News - 1/3/2014