Another of the text only variety, but again in HTML format. This time, the sender isn't even sure of the bank's name, opting to put in two different formats in the 'welcome' line.
This time the target URL is http://www.natwest.com.mytrud0.com.ph/securesession/action.aspx?refererident=871971920273340340702164122028565785710983520586120712. An attempt to trick the unwary by including natwest.com in the subdomain, but not if you look carefully at the URL. I suppose though it does take an understanding of how URLs are made it to know that it is fake.
Again, it's made no attempt to personalise the email - just sent to 'customer'. Why anyone would have to complete a form so that a bank could change it's system isn't really believable, but some people must go for it else these emails wouldn't be circulating and I wouldn't be publishing them as warnings.
Don't touch the link - you never know what the target page might install on your machine. Here's the email content.
Dear National Westminster Bank (NatWest Bank) customer,
We regularly perform scheduled maintenance for our OnLine Banking customers. We intend upgrading our OnLine Banking security server for better online services.
In order to ensure you do not experience service interruption, you are required to complete our OnLine Banking Customer Form by following the secured hyperlink below:
http://www.natwest.com/securesession/action.aspx?refererident=871971920273340340702164122028565785710983520586120712
Thank you for banking with National Westminster Bank, the industry leader in safe and secure online banking.
National Westminster Bank Customer Service
__________________________________________________________
National Westminster Bank © 2007
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment