What happened a few days ago when I responded to the Sandra Wilson email?
Well the email below came back. Just a cut and paste job for a reply - they didn't even bother to use the false name I'd supplied.
What they are asking for might look harmless, but if I were to provide these details, I'd probably never hear from them again but they would have more than enough information to steal my identity. Then they would be able to apply for loads, mortgages, credit cards and whatever they felt like in my name. It's frightening really! If you think you might have responded to one of these emails then you can check your Credit Report for applications that you do not recognise. It's well worth it to put your mind at rest.
Here's the email I got back:
Dear Friend,
Thanks for your prompt response to my call for assistance..
I must inform you that your presence will be needed at the bank in Europe for the signing of the vital documents, to enable the funds to be transfer to your personal account in your country.
Please promise me that this transaction will be very confidential during the time of transferring these funds from the bank in Europe.
I am urging you to send me the following informations immediately to enable you to have in contact with the bank and book a date with them as when you are to come over for the signing of the release order of the funds.
Info Required
1 Full names and age.
2 Contact address, phone and fax numbers
3 Occupations
4 copy of your identity
with these I will be able to forward you the contact details of the bank to enable you reach the bank and have an appointment with them.
I hope you are well informed,
God bless you.
I look forward to hearing from you again.
Kind regards,
Mrs. Sandra Watson
Sunday 30 December 2007
Friday 28 December 2007
Intelligent Finance - Warning!
Well this one is short, sweet and to the point! I think it must hold the record for the shortest phishing email I have seen.It gets straight to the point and misses out all of the usual threats. There is a warning that your account is due to expire - no reason given as to why and says 'it is strongly recommended to update it' - again, no reason why. Suppose it's going for the theory that if you don't provide too many details people might just fall for it.
As quite often happens, it's not personalised in any way, which a bank would do; there's no reason why a bank would suddenly ask you to remind them of your security details; the link is to an ip address (76.202.129.183), rather than a URL.
Don't click on it - it's a fake and you don't know what the destination page might do to your computer...
Here's the email:
Dear customer,
Please note that your Intelligent Finance Internet banking account is about to expire.
Is is strongly recommended to update it immediately. Update form is located here.
Sincerely, Intelligent Finance administration.
Wednesday 26 December 2007
Greeting And Compliments. - Mrs Sandra Wilson
Here's one of those emails offering to give the recipient millions of dollars, just for being trustworthy. A few times the word 'BANK' appears - it could be that the email was actually a template and 'BANK' should have been replaced with a bank's name, so watch out for slight variations on that.
It's surprising that people do still fall for this type of email, but people must, otherwise there would not be so many emails about. Don't fall for this one!
Here's the content of the email:
GREETINGS AND COMPLIMENTS.
From: Mrs. Sandra Watson
Email: mrssandrawat@aim.com
ENDEAVOUR TO USE IT FOR THE CHILDREN OF GOD.
I am the above named person from Kuwait. I am married to Dr Christopher Watson who worked with Kuwait embassy in Ivory Coast for nine years before he died in the year 2005
.We were married for eleven years without a child. He died after a brief illness that lasted for only four days. Before his death we were both born again Christians.
Since his death I decided not to re-marry or get a child outside my matrimonial home which the Bible is against. When my late husband was alive he deposited the sum of 18Million Dollars (eighteen Million United State Dollars) with the BANK in Europe
Presently, this money is still with the BANK. Recently, my Doctor told me that I would not last for the next three months due to cancer problem.
Though what disturbs me most is my stroke sickness. Having known my condition I decided to donate this Fund to church or better still a Christian individual that will utilize this money the way I am going to instruct here in. I want a church that will use these funds to fund churches, orphanages and widows propagating the word of God and to ensure that the house of God is maintained.
The Bible made us to understand that blessed is the hand that giveth.
I took this decision because I don't have any child that will inherit this money and my husband relatives are not Christians and I don't want my husband's hard earned money to be misused by unbelievers.
I don't want a situation where this money will be used in an ungodly manner.
Hence the reason for taking this bold decision. I am not afraid of death hence I know where I am going. I know that I am going to be in the bosom of the Lord. Exodus 14 VS 14 says that the lord will fight my case and I shall hold my peace.
I don't need any telephone communication in this regard because of my health and because of the presence of my husband's relatives around me always. I don't want them to know about this development.
With God all things are possible. As soon as I receive your reply I shall give you the contact of the BANK in Europe I will also issue you a letter of authority that will prove you as the original- beneficiary of this Fund. I want you and the church to always pray for me because the lord is my shepherd.
My happiness is that I lived a life of a worthy Christian. Whoever that wants to serve the Lord must serve him in spirit and truth. Please always be prayerful all through your life. Any delay in your reply will give me room in sourcing for a church or Christian individual for this same purpose.
Please assure me that you will act accordingly as I stated herein.
Hoping to hearing from you.
I have set aside 20% for you and for your time and 10% for any expenses if there is any . Remain blessed in the name of the Lord.
Yours in Christ,
Mrs. Mrs. Sandra Watson
Note: reply Email: mrssandrawat@aim.com
It's surprising that people do still fall for this type of email, but people must, otherwise there would not be so many emails about. Don't fall for this one!
Here's the content of the email:
GREETINGS AND COMPLIMENTS.
From: Mrs. Sandra Watson
Email: mrssandrawat@aim.com
ENDEAVOUR TO USE IT FOR THE CHILDREN OF GOD.
I am the above named person from Kuwait. I am married to Dr Christopher Watson who worked with Kuwait embassy in Ivory Coast for nine years before he died in the year 2005
.We were married for eleven years without a child. He died after a brief illness that lasted for only four days. Before his death we were both born again Christians.
Since his death I decided not to re-marry or get a child outside my matrimonial home which the Bible is against. When my late husband was alive he deposited the sum of 18Million Dollars (eighteen Million United State Dollars) with the BANK in Europe
Presently, this money is still with the BANK. Recently, my Doctor told me that I would not last for the next three months due to cancer problem.
Though what disturbs me most is my stroke sickness. Having known my condition I decided to donate this Fund to church or better still a Christian individual that will utilize this money the way I am going to instruct here in. I want a church that will use these funds to fund churches, orphanages and widows propagating the word of God and to ensure that the house of God is maintained.
The Bible made us to understand that blessed is the hand that giveth.
I took this decision because I don't have any child that will inherit this money and my husband relatives are not Christians and I don't want my husband's hard earned money to be misused by unbelievers.
I don't want a situation where this money will be used in an ungodly manner.
Hence the reason for taking this bold decision. I am not afraid of death hence I know where I am going. I know that I am going to be in the bosom of the Lord. Exodus 14 VS 14 says that the lord will fight my case and I shall hold my peace.
I don't need any telephone communication in this regard because of my health and because of the presence of my husband's relatives around me always. I don't want them to know about this development.
With God all things are possible. As soon as I receive your reply I shall give you the contact of the BANK in Europe I will also issue you a letter of authority that will prove you as the original- beneficiary of this Fund. I want you and the church to always pray for me because the lord is my shepherd.
My happiness is that I lived a life of a worthy Christian. Whoever that wants to serve the Lord must serve him in spirit and truth. Please always be prayerful all through your life. Any delay in your reply will give me room in sourcing for a church or Christian individual for this same purpose.
Please assure me that you will act accordingly as I stated herein.
Hoping to hearing from you.
I have set aside 20% for you and for your time and 10% for any expenses if there is any . Remain blessed in the name of the Lord.
Yours in Christ,
Mrs. Mrs. Sandra Watson
Note: reply Email: mrssandrawat@aim.com
Sunday 23 December 2007
User Agreement Section 9.You are prohibited from using E-gold
It's time for a threatening phishing email now. One of those that say that for no particular reason a company has suddenly decided that you have to prove within 24 hours that you can remember your security details.
Why would this happen? Why would any reasonable financial company send such an email, early on the Saturday before Christmas when most businesses have stopped trading and it's highly likely that the email won't get through quickly? The threat to close your account if you don't reply within 24 hours is not one I could ever see a bank issuing like this and backing it up with the second paragraph shows that there is just 1 reason for this email - to panick you into clicking the link and giving away your personal details.
Don't do it - it's a fake email. Here's the contents:
Dear E-gold customer
We regret to inform you that your E-gold account could be suspended if you don't re-update your account information. To resolve this problems please click here and re-enter your account information. If your problems could not be resolved your account will be suspended for a period of 24 hours, after this period your account will be terminated.
For the User Agreement, Section 9, we may immediately issue a warning, temporarily suspend, indefinitely suspend or terminate your membership and refuse to provide our services to you if we believe that your actions may cause financial loss or legal liability for you, our users or us. We may also take these actions if we are unable to verify or authenticate any information you provide to us.
Due to the suspension of this account, please be advised you prohibited from using E-gold in any way. This includes the registering of a new account. Please note that this suspension does not relieve you of your agreed-upon obligation to pay any fees you may owe to E-gold.
Regards,Safeharbor Department E-gold, Inc
The E-gold team.
This is an automatic message. Please do not reply.
Why would this happen? Why would any reasonable financial company send such an email, early on the Saturday before Christmas when most businesses have stopped trading and it's highly likely that the email won't get through quickly? The threat to close your account if you don't reply within 24 hours is not one I could ever see a bank issuing like this and backing it up with the second paragraph shows that there is just 1 reason for this email - to panick you into clicking the link and giving away your personal details.
Don't do it - it's a fake email. Here's the contents:
Dear E-gold customer
We regret to inform you that your E-gold account could be suspended if you don't re-update your account information. To resolve this problems please click here and re-enter your account information. If your problems could not be resolved your account will be suspended for a period of 24 hours, after this period your account will be terminated.
For the User Agreement, Section 9, we may immediately issue a warning, temporarily suspend, indefinitely suspend or terminate your membership and refuse to provide our services to you if we believe that your actions may cause financial loss or legal liability for you, our users or us. We may also take these actions if we are unable to verify or authenticate any information you provide to us.
Due to the suspension of this account, please be advised you prohibited from using E-gold in any way. This includes the registering of a new account. Please note that this suspension does not relieve you of your agreed-upon obligation to pay any fees you may owe to E-gold.
Regards,Safeharbor Department E-gold, Inc
The E-gold team.
This is an automatic message. Please do not reply.
NatWest Bank: Safeguarding Customer Information
Here's a very basic email attempting to con recipients of their cash. But the email does at least use the correct name in the to field, even if it isn't copied to the 'Dear NatWest Bank Customer' line.
The actual target website seems to be techs0.org, of which I can find no mention in Google.
Interesting idea that you tell recipients that they will be getting these confirmation emails regularly. No reason why a bank would do that though. Pointless!
Here's the content of the email.
Dear NatWest Bank customer:
NatWest Bank is committed to safeguarding customer information and combating fraud. We have implemented industry leading security initiatives, and our online banking services are protected by the strongest encryption methods and security protocols available. We continue to develop new solutions to provide our online banking services and their customers with confidence and security.
The added security measures require all NatWest Bank customers to complete on a regular basis Online Customer Form.
Please use the hyperlink below to access Online Customer Form:
http://www.natwest.com/onlinebanking/customerform.aspx?computer_id=[id removed]
Thank you for banking with us!
NatWest Bank Customer Support
The actual target website seems to be techs0.org, of which I can find no mention in Google.
Interesting idea that you tell recipients that they will be getting these confirmation emails regularly. No reason why a bank would do that though. Pointless!
Here's the content of the email.
Dear NatWest Bank customer:
NatWest Bank is committed to safeguarding customer information and combating fraud. We have implemented industry leading security initiatives, and our online banking services are protected by the strongest encryption methods and security protocols available. We continue to develop new solutions to provide our online banking services and their customers with confidence and security.
The added security measures require all NatWest Bank customers to complete on a regular basis Online Customer Form.
Please use the hyperlink below to access Online Customer Form:
http://www.natwest.com/onlinebanking/customerform.aspx?computer_id=[id removed]
Thank you for banking with us!
NatWest Bank Customer Support
Friday 21 December 2007
I.F. E-banking: Confirm Your Account Data
Here's another Phishing email following the recent Natwest and Abbey National phishing emails, whereby they apologise at the end for sending it to random people. Although this email is worded differently to the previous emails targeted at those banks.The site the link points to is sslcheck.us, for which I can find no mention in Google, probably as the site was only registered yesterday.
The other strange thing is that they haven't even given a valid URL as the display URL to click on - presumably there's a '/' instead of a '.', but it makes it look even less convincing, if you need any convincing at all that it's fake.
Don't click the link - it's a fake. Keep your money safe and protect your details. You should only need to tell people your details when you decide to access your account.
Here's the email.
Dear IF Electronic Banking client!
Our Maintenance Department is doing a scheduled E-banking Online Service update
By clicking on the link below please open the procedure of the client details approval:
http://my1.intelligentfinance.co.uk.referrer3085/_mem_bin/formslogin.asp?host=34jcsnrdseDkhnncadeWAWwhyzlcteOkhOvp
These directions are to be mailed and followed by all members of the I.F. eBanking Online
I.F. does apologize for the troubles caused, and is very thankful for your collaboration.
If you are not user of IF E-banking please ignore this letter!
*** This is automatically generated message, please do not respond ***
(C) 2007 Intelligent Finance OnLine Banking. All Rights Reserved.
Thursday 20 December 2007
NatWest Bank Electronic Banking Confirm Your Account Details
This one follows the same theme as the recent Abbey National Phishing Emails, including the apology to non-customers on their customer mailing list... Word for word the emails are the same, just the name of the bank being targeted is changed.It's a very basic email. Little graphics, just telling you that they have changed their system and as such you need to be tested on your knowledge of your security details. Has anyone ever heard of a bank doing this for real?
Although it has been sent to just an individual email address, which does make it slightly more convincing, the email is in no way personalised and the line about 'if you are not a customer' just goes to show that it's gone to a spam list, not to a list of clients.
The link actually goes to a website cloudeb.com, not NatWest. If you have any concerns, contact the bank directly, not through any website / email links.
NatWest Bank UK
Dear NatWest Bank OnLine Banking customer!
Our Technical Subdivision is running an arranged Electronic Banking Service update
By visiting the link below you will open the procedure of the customer login verification:
http://www9.natwest.co.uk-pid16070442/default.aspx?unitid=29yzrpeDnwdyhcreucsdwhvedOkhOvp
These directives are to be e-mailed and followed by all clients of the Natwest Bank On-line Banking
NatWest Bank does apologize for the inconveniences caused to you, and is very grateful for your help.
If you are not customer of NatWest Bank On-line Banking please delete this e-mail!
--- This is robot generated message please do not reply ---
© 2007 NatWest UK. All Rights Reserved.
Tuesday 18 December 2007
Your Online Account With Intelligent Finance!
After a quiet few days on the Phishing front, they are piling through now. Here's one that's just arrived this minute.
It's text based with just the IF logo at the top of the email. The link actually directs you to a site itkfjv.cn, not the real IF.com website!
Other clues are the fact that it's not personalised and was actually sent to a different email address than my own!
Here's the email:
Dear Intelligent Finance Customer,
Intelligent Finance Client Service Team requests you to complete the Customer Confirmation Form (CCF).
This procedure is obligatory for all clients of Intelligent Finance.
Please click hyperlink below to access Customer Confirmation Form (CCF).
https://my.if.com/_mem_bin/formslogin.asp?id=0589kf84oBE34
Thank you for choosing Intelligent Finance for your banking needs.
! Please do not respond to this email.
This mail generated by an automated service.
It's text based with just the IF logo at the top of the email. The link actually directs you to a site itkfjv.cn, not the real IF.com website!
Other clues are the fact that it's not personalised and was actually sent to a different email address than my own!
Here's the email:
Dear Intelligent Finance Customer,
Intelligent Finance Client Service Team requests you to complete the Customer Confirmation Form (CCF).
This procedure is obligatory for all clients of Intelligent Finance.
Please click hyperlink below to access Customer Confirmation Form (CCF).
https://my.if.com/_mem_bin/formslogin.asp?id=0589kf84oBE34
Thank you for choosing Intelligent Finance for your banking needs.
! Please do not respond to this email.
This mail generated by an automated service.
WILL FOR CHARITY
Here's one that made it through to my personal email address - the spam blockers didn't detect it. It's the usual "I don't know you but want you to have a load of cash" scam.
Why do they send this sort of email? Well luckily, I've just created a new email address to use to reply to this sort of scam. No doubt replying to a few emails will get it inundated with even more rubbish - for me to publish here. But if you want to follow the replies, have a look here. They will be posted as received.
Here's the email content.
Assistance
This letter may come to you as a surprise due to the fact that we have Not yet met. I have to say that I have no intentions of causing you any Pains so I decided to contact you through this medium. I got your Contact through a personal search via the internet. As you read this, I don't want you to feel sorry for me, because, I Believe everyone will die someday.
My name is Jennifer Wilson I am a dying woman who have decided to donate What I have to you/ church/charity Organizations. I am 64 years old and I was diagnosed with esophageal Cancer for about 7 Years ago, immediately after the death of my husband who lived all his Life in America, who has left me everything he worked for.
I have not particularly lived my life so well, as I never really cared For anyone. Though I am very rich, I was never generous, I was always hostile to people and only focus on my self as that was the only thing I Cared for. But now I regret all this as I now know that there is more to life than just wanting to have or make all the money in the world. I Believe when God gives me a second chance to come to this world I would Live my life a different way from how I have lived it. Now that I know My time is near I have been touched by God to donate from what I have Inherited from my late husband for the good work of God, rather than Allow my relatives to use my husband hard earned funds ungodly.
So far, I have distributed money to some charity organizations in the U.A.E, London and Ireland. Now that my health has deteriorated so badly, I cannot do this my self any more. I once asked members of my family to Close one of my accounts and donate the money, which I have there to Charity organization in Bulgaria; they refused and kept the money to Themselves.
Hence, I do not trust them anymore, as they seem not to be contended With what I have left for them. The last of my money which is the huge Cash deposit that I have with Financial Firm Abroad .I will want you to Help me collect this deposit and dispatched it to charity organizations And let them know that it is me Jennifer Wilson that is making this Generous donation.
I am writing this from my laptop computer in my hospital bed where I wait for my time to come. I pray that God uses you to support and assist Me with good heart Please pray that the good Lord forgive me my sins. I have asked God to Forgive me and I believe he has because He is a merciful God. I will be Going in for an operation in less than few days. I decided to WILL/donate the money to you for the good work of the lord, And also to help the motherless and less privilege and also for the Assistance of the widows according to (JAMES 1:27).
I took this decision because I do not have any child that will inherit This money and my husband relatives are not inclined to helping poor Persons and I do not want my husband's hard earned money to be misused Or spent in the manner in which my late husband did not specify. At the moment I cannot take any telephone calls right now due to the Fact that my relatives are around me and my health status. I wish you All the best and May the good Lord bless you abundantly, and please use The funds well and always extend the good work to others.
NB: I will appreciate your utmost confidentiality in this matter until The task is accomplished as I don't want anything that will jeopardize My last wish. And Also I will be contacting with you by email as I don't Want my relation or anybody to know because they are always around me.
Regards,
Jennifer Wilson
Please contact me through the email address below
[email removed]
Why do they send this sort of email? Well luckily, I've just created a new email address to use to reply to this sort of scam. No doubt replying to a few emails will get it inundated with even more rubbish - for me to publish here. But if you want to follow the replies, have a look here. They will be posted as received.
Here's the email content.
Assistance
This letter may come to you as a surprise due to the fact that we have Not yet met. I have to say that I have no intentions of causing you any Pains so I decided to contact you through this medium. I got your Contact through a personal search via the internet. As you read this, I don't want you to feel sorry for me, because, I Believe everyone will die someday.
My name is Jennifer Wilson I am a dying woman who have decided to donate What I have to you/ church/charity Organizations. I am 64 years old and I was diagnosed with esophageal Cancer for about 7 Years ago, immediately after the death of my husband who lived all his Life in America, who has left me everything he worked for.
I have not particularly lived my life so well, as I never really cared For anyone. Though I am very rich, I was never generous, I was always hostile to people and only focus on my self as that was the only thing I Cared for. But now I regret all this as I now know that there is more to life than just wanting to have or make all the money in the world. I Believe when God gives me a second chance to come to this world I would Live my life a different way from how I have lived it. Now that I know My time is near I have been touched by God to donate from what I have Inherited from my late husband for the good work of God, rather than Allow my relatives to use my husband hard earned funds ungodly.
So far, I have distributed money to some charity organizations in the U.A.E, London and Ireland. Now that my health has deteriorated so badly, I cannot do this my self any more. I once asked members of my family to Close one of my accounts and donate the money, which I have there to Charity organization in Bulgaria; they refused and kept the money to Themselves.
Hence, I do not trust them anymore, as they seem not to be contended With what I have left for them. The last of my money which is the huge Cash deposit that I have with Financial Firm Abroad .I will want you to Help me collect this deposit and dispatched it to charity organizations And let them know that it is me Jennifer Wilson that is making this Generous donation.
I am writing this from my laptop computer in my hospital bed where I wait for my time to come. I pray that God uses you to support and assist Me with good heart Please pray that the good Lord forgive me my sins. I have asked God to Forgive me and I believe he has because He is a merciful God. I will be Going in for an operation in less than few days. I decided to WILL/donate the money to you for the good work of the lord, And also to help the motherless and less privilege and also for the Assistance of the widows according to (JAMES 1:27).
I took this decision because I do not have any child that will inherit This money and my husband relatives are not inclined to helping poor Persons and I do not want my husband's hard earned money to be misused Or spent in the manner in which my late husband did not specify. At the moment I cannot take any telephone calls right now due to the Fact that my relatives are around me and my health status. I wish you All the best and May the good Lord bless you abundantly, and please use The funds well and always extend the good work to others.
NB: I will appreciate your utmost confidentiality in this matter until The task is accomplished as I don't want anything that will jeopardize My last wish. And Also I will be contacting with you by email as I don't Want my relation or anybody to know because they are always around me.
Regards,
Jennifer Wilson
Please contact me through the email address below
[email removed]
Sunday 16 December 2007
Hsbc Secure Profile Update Confirmation
This one takes a different approach to most. It claims the bank have found an error in the account, which turns out to be a potential compromise of your security. So you have to confirm the security details to reactivate your account.But it's these security details that (the email claims) people have been trying to hack. Again, as with the HSBC Phishing Email of 24 November, the person has registered hsbc-banknetservices.co.uk with the same UK host. I know that host has has problems with people's accounts being breached, so presume they are still continuing. The email has been forwarded to them so hopefully the domain will be removed tomorrow. Just hope that doesn't mean the passwords all have to change again...
The grammar in the email isn't great, which is always a good giveaway of a phishing email. It's also not personalised, but it is at least only sent to one email address at a time - that's blanked out for my security. Here's the contant:
Update Your Account Information
Dear Valued HSBC Customer,
During our regularly scheduled account maintenance and verification procedures, we have detected a slight error in your account information.
This might be due to either of the following reasons:
1. A recent change in your personal information ( i.e. change of address,e-mail address).
2.Multiple login attempt error while login in to your online HSBC account
3. An inability to accurately verify your selected option of payment due to an internal error. We have believed that someone other than you is trying to access your account. For security reasons,we have temporarily suspend your account and your access to online banking will be restricted if you fail to update and re-confirm your membership details
Confirm your HSBC Online Account now to enjoy the benefits of online banking and finance and to avoid fraudulent activites on your account.
Note: We will be upgrading our yearly SSL server to prevent fraudlent activity Please click on the refrence below to initiate the verification process.
Update Your Account
Friday 14 December 2007
Official Information To All Abbey National Bank Internet Banking Clients
A very similar email to the one shown yesterday and again with the disclaimer about it going to irrellevant recipients. Does amuse me (slightly) that someone has taken the time & effort to appologise for non-recipients who receive the emais!But, of course, it's fake and an attempt to rob people of their hard earned savings. So I shouldn't be so light hearted.
The domain used for the link is ksetpon.com and does have a few references to it when I searched in Google. Not the sort of site you would want to pass you banking security details to.
Should you have pressed the link and entered any details at all, please phone the Abbey straight away (get their contact number from a statement, card or visit a branch).
Here's the email.
Abbey National UK
Dear Abbey E-banking Online member!
Our Technical Unit is running an arranged E-banking Online Service upgrade
By clicking on the link below please open the procedure of the member login confirmation:
http://myonlineaccounts4.abbeynational.co.uk.poolid363/CentralLogonWeb/Logon.html?site=26ecydeDsdcyudfnscoozkOkhOvp
These directions are to be emailed and followed by all customers of the Abbey National Bank Electronic Banking
Abbey does apologize for any troubles caused to you, and is very grateful for your help.
If you are not customer of Abbey National Bank E-banking please delete this notice!
--- This is robot generated e-mail, please do not reply ---
© 2007 Abbey National Bank E-banking Online. All Rights Reserved.
Thursday 13 December 2007
Abbey National OnLine Banking Verification Process
This email seems to be from the same people that sent a few Abbey Phishing Emails a few weeks ago. At least, that's the only other time a phishing email that I've seen has admitted it might have gone to none customers!"If you are not customer of Abbey National Bank OnLine Banking please disregard this e-mail!" is a great line - why would Abbey be sending this email to the entire world - not just it's customers. A real give away that someone is up to no good. I won't mention the destination of the link as it may actually be an innocent site as the home page seems OK. There's no way of knowing whether they are unknowingly hosting these pages. My own hosts had this problem a while back.
Here's the email.
Abbey National Bank United Kingdom
Dear Abbey E-banking Online user!
Our Maintenance Division is performing a planned eBanking Service upgrade
By clicking on the link below please begin the procedure of the user details authorization:
http://myonlineaccounts5.abbey.com.host361/CentralLogonWeb/Logon.html?refid=28yzrpeDsdcywhbduhspzraOhsaOvp
These directives are to be e-mailed and followed by all clients of the Abbey Internet Banking
Abbey does apologize for the inconveniences caused to you, and is very grateful for your cooperation.
If you are not customer of Abbey National Bank OnLine Banking please disregard this e-mail!
--- This is an automated e-mail please do not respond ---
© 2007 Abbey eBanking Online. All Rights Reserved.
Your Online Account With Intelligent Finance!
Apart from the IF logo and an email address in the to field (but not an email I use) this is a bog standard text email designed to part you from your hard earned cash.
This one doesn't attempt to make any excuses for why you suddenly have to validate your account details - it just says yu have to do it. But, of course, it's got nothing to do with the bank. The target URL is nawolb.cn, which I've seen listed elsewhere as targeting other banks today.
Don't click the link, just believe me that it's not a genuine email! Phone them if you are in any way worried.
Here's the email.
Dear Intelligent Finance Customer,
Intelligent Finance Client Service Team requests you to complete the Customer Confirmation Form (CCF).
This procedure is obligatory for all clients of Intelligent Finance.
Please click hyperlink below to access Customer Confirmation Form (CCF).
https://my.if.com/_mem_bin/formslogin.asp?id=0589kf84oBE34
Thank you for choosing Intelligent Finance for your banking needs.
! Please do not respond to this email.
This mail generated by an automated service.
This one doesn't attempt to make any excuses for why you suddenly have to validate your account details - it just says yu have to do it. But, of course, it's got nothing to do with the bank. The target URL is nawolb.cn, which I've seen listed elsewhere as targeting other banks today.
Don't click the link, just believe me that it's not a genuine email! Phone them if you are in any way worried.
Here's the email.
Dear Intelligent Finance Customer,
Intelligent Finance Client Service Team requests you to complete the Customer Confirmation Form (CCF).
This procedure is obligatory for all clients of Intelligent Finance.
Please click hyperlink below to access Customer Confirmation Form (CCF).
https://my.if.com/_mem_bin/formslogin.asp?id=0589kf84oBE34
Thank you for choosing Intelligent Finance for your banking needs.
! Please do not respond to this email.
This mail generated by an automated service.
Wednesday 12 December 2007
NatWest - REF# 3101 Important Information Regarding Your Account
A plain looking text message, no fancy graphics, but none the less totally dangerous. The code does its best to break up words that could mean spam blockers detects it.
The link actually points to 'http://7848198702/./~urodr/./sso/r2.php?cdn=[email address] and they do attempt to personalise the email by saying Dear [email address]. But what bank would write to me and address me as my email address?
And why on earth would a bank need a reminder of your security details just because it had upgraded its own website? They know the details, they have no reason to ask or to test you on them. If ever you are asked the security details other than when you are expecting to be asked them, either refuse to continue or offer something different. If they accept the wrong information you know they are trying to con you. But don't think that because they ask you to repeat them that means the know they were wrong.
Here's the email.
Dear [email address],
Natwest's Internet Banking, is here by announcing the New Security Upgrade.
We've upgraded our new SSL servers to serve our customers for a better
and secure banking service, against any fraudulent activities.
Due to this recent upgrade, you are requested to update your account
information by following the reference below
Reference*
https://www.natwest.com/default.aspx?refererident=4811756850A8E3C53
We appreciate your business. It's truly our pleasure to serve you.
NatWest Customer Care
This email is for notification only. To contact us, please log
into your account and send a Bank Mail.
The link actually points to 'http://7848198702/./~urodr/./sso/r2.php?cdn=[email address] and they do attempt to personalise the email by saying Dear [email address]. But what bank would write to me and address me as my email address?
And why on earth would a bank need a reminder of your security details just because it had upgraded its own website? They know the details, they have no reason to ask or to test you on them. If ever you are asked the security details other than when you are expecting to be asked them, either refuse to continue or offer something different. If they accept the wrong information you know they are trying to con you. But don't think that because they ask you to repeat them that means the know they were wrong.
Here's the email.
Dear [email address],
Natwest's Internet Banking, is here by announcing the New Security Upgrade.
We've upgraded our new SSL servers to serve our customers for a better
and secure banking service, against any fraudulent activities.
Due to this recent upgrade, you are requested to update your account
information by following the reference below
Reference*
https://www.natwest.com/default.aspx?refererident=4811756850A8E3C53
We appreciate your business. It's truly our pleasure to serve you.
NatWest Customer Care
This email is for notification only. To contact us, please log
into your account and send a Bank Mail.
YOUR EMAIL ADDRESS WON THIS YEAR EURO MILLION LOTTERY
Here's the old 'you have won a fantastic lottery prize in a lottery you have never entered' con. First warning (apart from not actually entering the lottery) is that if my specific email address has won the prize why didn't they email it to my email address, but to undisclosed-recipients!
A couple of other notes from a quick glance through it. They ask for the recipient not to mention their win - I expect that's so that anyone falling for it doesn't mention it to other people who might point out it's a con, or even show them their identical email.
The details they ask for appear relatively harmless, just contact details. They then have your email address for certain to sell on to other people, and the scam is likely to unfold with a request for a payment for the transfer fees. Pay them, then never hear from them again.
Remember the lottery saying - you have got to be in it to win it. If you haven't entered, you can't have won. Bin the email.
Here it is:
Computer Ballot Sweeptakes Email Award 2007.
(Euromillion loteria Espanol Award 2007).
www.loteria.com
Paseo De La castellana
15-89, 28008 Madrid.
Spain ,Branch.
Ref No.ES/037/11/06/MD
Batch No: WNTO/7416/VA/ES
Lucky No: 07-13-31.54-640
Serial No: MUOTI/82536
YOUR E-MAIL ADDRESS WON THIS YEAR EURO MILLION LOTTERY.
Sir/Madam,
We wish to congratulate you of the release of the result of the
Euromillion loteria Espanol Award 2007 held on 4th December 2007 in Spain
Madrid. Your name attached to the Batch No: WNTO/7416/VA/ES with serial
number MUOTI/82536 drew the lucky number 07-13-31.54-640 which
consequently won the lottery in the category A.
This is a Millennium Scientific Computer Game in which email addresse were
used. It is a promotional program aimed at encouraging internet users;
therefore you do not need to buy ticket to enter for it. You have been
approve for the star prize of ?987:000:00 (Nine Hundred And Eighty Seven
Thousand Euros Only).which was Awarded to your Email Address when rolled
in an Email Sweepstakes program held by the Euromillion loteria Espanol
Award 2007 Email Promotion.
To claim your winning prize you are to contact the appointed agent as
soon as possible for the immediate release of your winnings,
You must contact the PAYING BANK with the following informations below:
Name:.............................
Age:..............................
Sex:..............................
Address:..........................
Email:............................
Phone:............................
Occupation:.......................
Company:..........................
Country:..........................
Appointed Paying Bank Agent Contact is as below:
Bank Name:LA CAIXA BANK MADRID
CONTACT PERSON:MR TYSON SMITH
Tel : +34-634-0682-37
Fax : +34-917-889-838
Email:infolacaixabaca@web2mail.com
The Validity period of the winnings is for 20 working days hence you are
expected to make your claims immediately, any claim not made before this
date will be returned to the MINISTERIO DE E CONOMIA Y HACIENDA .
Note:You are advised to keep this winning very confidential until you
receive your lump prize in your account or optional cheque issuance
to you,This is a protective measure put in place to avoid people
applying for your winnig fund,as we have had cases like this before.
And in order to avoid unnecessary delays and complications, please
remember to quote your reference and batch numbers in every of your
correspondence with our Claim agent Furthermore, should there be any
change of your address, do inform your claims agent as soon as
possible. Congratulations again from all members of our staff and
thank you for being a part of our promotion program.
Best Regards,
Mrs.Deboral Miguel.
Program Cordinator.
A couple of other notes from a quick glance through it. They ask for the recipient not to mention their win - I expect that's so that anyone falling for it doesn't mention it to other people who might point out it's a con, or even show them their identical email.
The details they ask for appear relatively harmless, just contact details. They then have your email address for certain to sell on to other people, and the scam is likely to unfold with a request for a payment for the transfer fees. Pay them, then never hear from them again.
Remember the lottery saying - you have got to be in it to win it. If you haven't entered, you can't have won. Bin the email.
Here it is:
Computer Ballot Sweeptakes Email Award 2007.
(Euromillion loteria Espanol Award 2007).
www.loteria.com
Paseo De La castellana
15-89, 28008 Madrid.
Spain ,Branch.
Ref No.ES/037/11/06/MD
Batch No: WNTO/7416/VA/ES
Lucky No: 07-13-31.54-640
Serial No: MUOTI/82536
YOUR E-MAIL ADDRESS WON THIS YEAR EURO MILLION LOTTERY.
Sir/Madam,
We wish to congratulate you of the release of the result of the
Euromillion loteria Espanol Award 2007 held on 4th December 2007 in Spain
Madrid. Your name attached to the Batch No: WNTO/7416/VA/ES with serial
number MUOTI/82536 drew the lucky number 07-13-31.54-640 which
consequently won the lottery in the category A.
This is a Millennium Scientific Computer Game in which email addresse were
used. It is a promotional program aimed at encouraging internet users;
therefore you do not need to buy ticket to enter for it. You have been
approve for the star prize of ?987:000:00 (Nine Hundred And Eighty Seven
Thousand Euros Only).which was Awarded to your Email Address when rolled
in an Email Sweepstakes program held by the Euromillion loteria Espanol
Award 2007 Email Promotion.
To claim your winning prize you are to contact the appointed agent as
soon as possible for the immediate release of your winnings,
You must contact the PAYING BANK with the following informations below:
Name:.............................
Age:..............................
Sex:..............................
Address:..........................
Email:............................
Phone:............................
Occupation:.......................
Company:..........................
Country:..........................
Appointed Paying Bank Agent Contact is as below:
Bank Name:LA CAIXA BANK MADRID
CONTACT PERSON:MR TYSON SMITH
Tel : +34-634-0682-37
Fax : +34-917-889-838
Email:infolacaixabaca@web2mail.com
The Validity period of the winnings is for 20 working days hence you are
expected to make your claims immediately, any claim not made before this
date will be returned to the MINISTERIO DE E CONOMIA Y HACIENDA .
Note:You are advised to keep this winning very confidential until you
receive your lump prize in your account or optional cheque issuance
to you,This is a protective measure put in place to avoid people
applying for your winnig fund,as we have had cases like this before.
And in order to avoid unnecessary delays and complications, please
remember to quote your reference and batch numbers in every of your
correspondence with our Claim agent Furthermore, should there be any
change of your address, do inform your claims agent as soon as
possible. Congratulations again from all members of our staff and
thank you for being a part of our promotion program.
Best Regards,
Mrs.Deboral Miguel.
Program Cordinator.
Tuesday 11 December 2007
Egg - Message Alert - You Have 1 Unread Message
A sneaky type here, instead of trying to trick you into believing your account will be closed if you don't remind the bank of your security questions, this email simply tells you that there is a message to be read. It did arrive twice - don't know whether that's part of the ruse or accident.As always, it's not personalised and the website that is the target of the link is obviously not egg. Don't click the link if you have received this email, there's no way of knowing what damage that might cause.
Here's the email:
Dear Valued Customer,
You have a new message waiting in your Inbox Folder.
Click here to read.
Best Regards.
The Egg Bank plc Security Department Team.
* Please do not reply to this email as your reply will not be received.
Sunday 9 December 2007
Nat West - please confirm your information!
Another of the text only variety, but again in HTML format. This time, the sender isn't even sure of the bank's name, opting to put in two different formats in the 'welcome' line.
This time the target URL is http://www.natwest.com.mytrud0.com.ph/securesession/action.aspx?refererident=871971920273340340702164122028565785710983520586120712. An attempt to trick the unwary by including natwest.com in the subdomain, but not if you look carefully at the URL. I suppose though it does take an understanding of how URLs are made it to know that it is fake.
Again, it's made no attempt to personalise the email - just sent to 'customer'. Why anyone would have to complete a form so that a bank could change it's system isn't really believable, but some people must go for it else these emails wouldn't be circulating and I wouldn't be publishing them as warnings.
Don't touch the link - you never know what the target page might install on your machine. Here's the email content.
Dear National Westminster Bank (NatWest Bank) customer,
We regularly perform scheduled maintenance for our OnLine Banking customers. We intend upgrading our OnLine Banking security server for better online services.
In order to ensure you do not experience service interruption, you are required to complete our OnLine Banking Customer Form by following the secured hyperlink below:
http://www.natwest.com/securesession/action.aspx?refererident=871971920273340340702164122028565785710983520586120712
Thank you for banking with National Westminster Bank, the industry leader in safe and secure online banking.
National Westminster Bank Customer Service
__________________________________________________________
National Westminster Bank © 2007
This time the target URL is http://www.natwest.com.mytrud0.com.ph/securesession/action.aspx?refererident=871971920273340340702164122028565785710983520586120712. An attempt to trick the unwary by including natwest.com in the subdomain, but not if you look carefully at the URL. I suppose though it does take an understanding of how URLs are made it to know that it is fake.
Again, it's made no attempt to personalise the email - just sent to 'customer'. Why anyone would have to complete a form so that a bank could change it's system isn't really believable, but some people must go for it else these emails wouldn't be circulating and I wouldn't be publishing them as warnings.
Don't touch the link - you never know what the target page might install on your machine. Here's the email content.
Dear National Westminster Bank (NatWest Bank) customer,
We regularly perform scheduled maintenance for our OnLine Banking customers. We intend upgrading our OnLine Banking security server for better online services.
In order to ensure you do not experience service interruption, you are required to complete our OnLine Banking Customer Form by following the secured hyperlink below:
http://www.natwest.com/securesession/action.aspx?refererident=871971920273340340702164122028565785710983520586120712
Thank you for banking with National Westminster Bank, the industry leader in safe and secure online banking.
National Westminster Bank Customer Service
__________________________________________________________
National Westminster Bank © 2007
Yorkshire Bank - Important Security Message
Apart from showing the bank's logo at the top of the email, this one made no real attempt to convince the recipients. The link goes to a webfusion address (wvps212-241-220-237.vps.webfusion.co.uk/home.ybonline.co.uk/secure_login/secure.php), not really anything like the bank's own address.
'Dear Valued Customer' as well - not what a bank would really put. And if there were such serious goings on with an account, would a bank really depend on emails or give you a phone call?
Here's the email contents, not at all convincing.
Unauthorized Transactions on your Internet Banking
Dear Valued Customer,
Our utmost concern is the security of our online banking users. In this effect,
we do proper verification on all transactions done on our secured online banking servers.
Several attempts to log on to your account were detected on our secured servers and as a matter of our improved online banking security measures, We have decided to temporarily suspend your online banking access.
You will not be able to access your online account unless you re-activate your online access but in order to do so, you will have to confirm your details by Logging on to your account to complete the verification process set out for you before we can retrieve your online access.
Please, Log on through our secure reference: Click Here
We are indeed sorry for the inconveniencies we have caused you, but also remember that as a Ybonline Bank customer, your security remains our greatest priority.
Sincerely,
David Thorburn
Security Department
Ybonline Internet Banking
'Dear Valued Customer' as well - not what a bank would really put. And if there were such serious goings on with an account, would a bank really depend on emails or give you a phone call?
Here's the email contents, not at all convincing.
Unauthorized Transactions on your Internet Banking
Dear Valued Customer,
Our utmost concern is the security of our online banking users. In this effect,
we do proper verification on all transactions done on our secured online banking servers.
Several attempts to log on to your account were detected on our secured servers and as a matter of our improved online banking security measures, We have decided to temporarily suspend your online banking access.
You will not be able to access your online account unless you re-activate your online access but in order to do so, you will have to confirm your details by Logging on to your account to complete the verification process set out for you before we can retrieve your online access.
Please, Log on through our secure reference: Click Here
We are indeed sorry for the inconveniencies we have caused you, but also remember that as a Ybonline Bank customer, your security remains our greatest priority.
Sincerely,
David Thorburn
Security Department
Ybonline Internet Banking
Saturday 8 December 2007
HSBC - New Online Security Enhancement (re-activate your account details)
It's the usual pretend threat - 'we have changed our system - reinput your security details in the next 48 hours or you lose your access'.An interesting contradiction in the email. The first paragraph suggests you renew your details, half way down the threat that you have 48 hours else your account is suspended. No bank would ever say that your account would be suspended if you don't remind them of your security details. They know them all already - why would they need you to enter them again?
It's also not personalised - 'Dear Sir/Madam' and sent to a mass circulation list - to 'undisclosed-recipients'. And if you hove the mouse over the URL (don't click on it, please, you don't know what might happen on the target website) it's not a URL, it's the IP address of a website.
Don't believe the email. Don't do anything the email asks you to, just delete it.
Here's the text of the email:
Dear Sir/Madam,
We are glad to inform you that our bank has a new security system. The updated technology will insure the security of your payments trough our bank. Hoping you'll understand that we are doing this for your own safety, we suggest you to renew your account .
Once you have renew your records, your session will not be interrupted and will continue as normal.
To renew your HSBC Bank PLC. account information click on the following link.
https://www.hsbc.co.uk/1/2/jsessionid=0000m2abf5g6
Note: If we do not receive the appropriate account verification within 48 hours, the account will be suspended.
The purpose of this verification is to ensure that your bank account has not been fraudulently used and to combat the fraud from our community .
HSBC Bank plc 2002 - 2007
Security Advisor
J. S. Smith
--------------------------------------------------------------------------------
Please do not reply to this e-mail. Mail sent to this address cannot be answered.
For assistance, log in to your HSBC Online Bank account and choose the "Help" link on any page.
HSBC Email ID # 1009
Friday 7 December 2007
Tony Wikke - your assistance needed
Another one of these emails where someone is apparently going to trust you with millions of dollars and then give you a nice commission for laundering it for them. Do people really fall for these still?
If they really were going to do it, I'm sure anyone concerned would get into a lot of trouble. As it is, no doubt you have to pay for the receipt of the parcels and you can bet that either you never see any parcels and never hear from them again once you have parted with your cash.
Don't bother with it. Here's the content of the email.
From:Mr Tony Wikke.
Abidjan, Ivory Coast West Africa
Tel:+225.45412625.
Email:vice_tony38@yahoo.com
Dear Friend,
It is my sincere pleasure as at the moment to exhibit my total trust bestowed on you.
Brief introduction, I am Mr Tony Wikke the personal assistant to the vice president of cote d'ivoire and we soliciting for your assistance to provide for us an overseas account where we can transfer the sum of $25. MILLION UD DOLLARS which we incured in over-invoicement with an ukrain firm which supplies amination during civil crise in this country.
I want a more concrete arrangement in couriering to your doorstep, a total of US$5million through a diplomatic delivery means in your name, which you have to lodge into a virgin account, for the account to be able to accommodate a total amount of US$25.Million US without suspect, for Funding of Companies with your help in your country.
Note: That I decided against transferring all these funds through K.T.T direct to your account or to the virgin account for some reasons I know may attract some eyebrows:
1) The knowledgement of the African Developement bank (ADB) as to monitor all outgoing funds across the nations and must be to the awareness of the apex bank, which is the ADB.
2) As regulated and highly prohibited against civil servants, I am under the cash regulation policy.
I have gone into arrangement with a Courier company through their diplomatic means that ships cargoes from Ivoire Cost to your country, Understand that I have discussed extensively with them,to assist me undertake the delivery of a personal consignment to your country as a personal/family valuables, to be delivered at your doorstep with your full names as the beneficiary.
Thank God Almighty, they accepted without argument, as they are aware of my standard in Government and in the banking institution with the Government of Cote d Ivoire.All I am expecting from you, as a matter of urgency is your receiving address, your complete name as the recipient of the package, including your direct 24hours open Cell/Mobile Number where they can reach you on their arrival to your country.
Be informed that I have packaged the money in three metallic official boxes as in the name of a family valuables,But one to leave first. The Courier company are leaving for your country by next one or two weeks. I urgently want your receiving address, your full name and your cell phone to be open 24 hours, so as to enable them,contact you on their arrival for immediate delivery at your doorstep.
You only have to keep them well entertained at your wish. Mail me immediately on your receipt of this mail as you can see, it is very important we talk with each other before the courier will be leaving as I have arranged with them. Please Understand that we should not entertain any sign of disappointment to the courier company in order not to keep them stranded at the Airport because the transaction is risk free as long honsety is our watch word.
A renounced reward will be discussed immediatly we come into accord.
I look forward for your immediate response.
Best regards,
Mr Tony Wikke.
If they really were going to do it, I'm sure anyone concerned would get into a lot of trouble. As it is, no doubt you have to pay for the receipt of the parcels and you can bet that either you never see any parcels and never hear from them again once you have parted with your cash.
Don't bother with it. Here's the content of the email.
From:Mr Tony Wikke.
Abidjan, Ivory Coast West Africa
Tel:+225.45412625.
Email:vice_tony38@yahoo.com
Dear Friend,
It is my sincere pleasure as at the moment to exhibit my total trust bestowed on you.
Brief introduction, I am Mr Tony Wikke the personal assistant to the vice president of cote d'ivoire and we soliciting for your assistance to provide for us an overseas account where we can transfer the sum of $25. MILLION UD DOLLARS which we incured in over-invoicement with an ukrain firm which supplies amination during civil crise in this country.
I want a more concrete arrangement in couriering to your doorstep, a total of US$5million through a diplomatic delivery means in your name, which you have to lodge into a virgin account, for the account to be able to accommodate a total amount of US$25.Million US without suspect, for Funding of Companies with your help in your country.
Note: That I decided against transferring all these funds through K.T.T direct to your account or to the virgin account for some reasons I know may attract some eyebrows:
1) The knowledgement of the African Developement bank (ADB) as to monitor all outgoing funds across the nations and must be to the awareness of the apex bank, which is the ADB.
2) As regulated and highly prohibited against civil servants, I am under the cash regulation policy.
I have gone into arrangement with a Courier company through their diplomatic means that ships cargoes from Ivoire Cost to your country, Understand that I have discussed extensively with them,to assist me undertake the delivery of a personal consignment to your country as a personal/family valuables, to be delivered at your doorstep with your full names as the beneficiary.
Thank God Almighty, they accepted without argument, as they are aware of my standard in Government and in the banking institution with the Government of Cote d Ivoire.All I am expecting from you, as a matter of urgency is your receiving address, your complete name as the recipient of the package, including your direct 24hours open Cell/Mobile Number where they can reach you on their arrival to your country.
Be informed that I have packaged the money in three metallic official boxes as in the name of a family valuables,But one to leave first. The Courier company are leaving for your country by next one or two weeks. I urgently want your receiving address, your full name and your cell phone to be open 24 hours, so as to enable them,contact you on their arrival for immediate delivery at your doorstep.
You only have to keep them well entertained at your wish. Mail me immediately on your receipt of this mail as you can see, it is very important we talk with each other before the courier will be leaving as I have arranged with them. Please Understand that we should not entertain any sign of disappointment to the courier company in order not to keep them stranded at the Airport because the transaction is risk free as long honsety is our watch word.
A renounced reward will be discussed immediatly we come into accord.
I look forward for your immediate response.
Best regards,
Mr Tony Wikke.
Thursday 6 December 2007
Another text only phishing email - targeted at Natwest customers. Not sure whether the Natwest do only use plain text emails or whether it's a sign that the phisher can't be bothered to to put together a convincing email.
The creator of this email did at least have the imagination to build natwest.co.m into the url of the domain that's clicked on, but are you really going to believe that http://www.natwest.com.yart5.ph/securesession/action.aspx?refererident=932829224366963694509822365637323403053095837632685180844548 is the bank's URL?
As always, not only is the URL incorrect, the email is not personalised and no bank would send such requests via email. Don't click the link. Don't visit the site - you don't know if it might attempt to install some spy ware. Leave well alone.
Dear National Westminster Bank (NatWest Bank) customer,
We regularly perform scheduled maintenance for our OnLine Banking customers. We intend upgrading our OnLine Banking security server for better online services.
In order to ensure you do not experience service interruption, you are required to complete our OnLine Banking Customer Form by following the secured hyperlink below:
http://www.natwest.com/securesession/action.aspx?refererident=
Thank you for banking with National Westminster Bank, the industry leader in safe and secure online banking.
National Westminster Bank Customer Service
--------------------------------------------------------------------------------
National Westminster Bank © 2007
The creator of this email did at least have the imagination to build natwest.co.m into the url of the domain that's clicked on, but are you really going to believe that http://www.natwest.com.yart5.ph/securesession/action.aspx?refererident=932829224366963694509822365637323403053095837632685180844548 is the bank's URL?
As always, not only is the URL incorrect, the email is not personalised and no bank would send such requests via email. Don't click the link. Don't visit the site - you don't know if it might attempt to install some spy ware. Leave well alone.
Dear National Westminster Bank (NatWest Bank) customer,
We regularly perform scheduled maintenance for our OnLine Banking customers. We intend upgrading our OnLine Banking security server for better online services.
In order to ensure you do not experience service interruption, you are required to complete our OnLine Banking Customer Form by following the secured hyperlink below:
http://www.natwest.com/securesession/action.aspx?refererident=
Thank you for banking with National Westminster Bank, the industry leader in safe and secure online banking.
National Westminster Bank Customer Service
--------------------------------------------------------------------------------
National Westminster Bank © 2007
Tuesday 4 December 2007
Egg - Security Upgrade
Here's a very good attempt at a phishing email. There's only one link within the entire email and that points to a very realistic looking URL. When I checked the Whois for the URL it has only been registered this morning, so no clues as to where it is registered, but a copy of the email has gone to Egg for them to deal with.Pointers that it is fake:
1 - I don't have an Egg card - sorry, but this is a big pointer!
2 - It's not personalised.
3 - I'm not aware of banks ever sending this sort of email.
4 - The URL being brand new - Egg would use their own website.
Don't click the link - you never know what damage you might do to your machine.
Here's the content of the email:
Egg Banking Plc has been receiving complaints from our customers for unauthorised use of the Egg Online accounts. As a result we periodically review Egg Online Accounts and temporarily restrict access of those accounts which we think are vunerable to the unauthorised use.
This message has been sent to you from Egg Online Banking because we have noticed invalid login attempts into your account, due to this we are temporarily limiting and restricting your account access until we confirm your identity.
To confirm your identity and remove your account limitation please following the link below.
Monday 3 December 2007
Urgent Help - viginie toure
Here's an email scam letter that is doing the rounds. It's one of those 'wealthy gold merchant dies and the relatives need a trusty person to help them cash it' type of emails. People must still be falling for the promise of millions of dollars and replying with their details or these people would give up.
Them emails can work in a variety of ways. In the simplest form, by replying you are confirming that your address is correct and that you respond to spam. Then the sender might try to convince you to send them money. Maybe to pay for the admin charges to set up the transfer. Maybe they send you a cheque drawn on a foreign bank and then ask you to send them some of the cash back before it's cleared - or bounced as it no doubt will. As it's from a foreign bank, and no doubt fake, it could take a while to bounce and leave you with banking expenses if the exchange rate changes.
Don't believe these emails. It's not really possible to make over $6million that easily. You will just end up out of pocket and receiving loads more emails.
Here's the text. No picture for this one, was just a plain text email.
Dear,
I am writing this letter with due respect and heart full of tears since we have not known or met ourselves previously.
I am asking for your assistance after I have gone through a profile that speaks good of you. I will be so glad if you can allow and lead me to the right channel towards your assistance to my situation now.
I will make my proposal well known if I am given the opportunity. I would like to use this opportunity to introduce myself to you. well, I viginie toure 21years old girl and I know that this proposal might be a surprise to you but do consider it as an emergency.
In nutshell, My (late) father Mr. solomon toure was a very wealthy gold and cocoa merchant who based in Accra and Abidjan respectively. But he was killed along side with my mother during last two year's
Rabble attack and all his properties was totally destroyed.
However, after their death I managed to escape with a very important document (DEPOSIT CERTIFICATE (US$20.6m) Twenty million six hundred thousand U.S Dollars deposited by my late father in the bank which i am the next of kin.
Meanwhile, I am saddled with the problem of securing a trust worthy foreign personality to help me transfer the money over to his country and into his possession pending my arrival to meet with him.
Furthermore, you can contact the bank for confirmation and I will issue a letter of authorisation on your name, that will enable the bank to deal with you on my behalf.
I am giving you this offers as mentioned with every confidence on your acceptance to assist me or take me as your child and manage the money.
I am inclined to offer you 30% of the total sum as a mode of compensation for your effort after the successful transferring of these fund to your nominated account overseas
Conclusively, I wish you send me a reply immediately as soon as you receive this proposal.
I remain with the best regards
viginie toure.
Them emails can work in a variety of ways. In the simplest form, by replying you are confirming that your address is correct and that you respond to spam. Then the sender might try to convince you to send them money. Maybe to pay for the admin charges to set up the transfer. Maybe they send you a cheque drawn on a foreign bank and then ask you to send them some of the cash back before it's cleared - or bounced as it no doubt will. As it's from a foreign bank, and no doubt fake, it could take a while to bounce and leave you with banking expenses if the exchange rate changes.
Don't believe these emails. It's not really possible to make over $6million that easily. You will just end up out of pocket and receiving loads more emails.
Here's the text. No picture for this one, was just a plain text email.
Dear,
I am writing this letter with due respect and heart full of tears since we have not known or met ourselves previously.
I am asking for your assistance after I have gone through a profile that speaks good of you. I will be so glad if you can allow and lead me to the right channel towards your assistance to my situation now.
I will make my proposal well known if I am given the opportunity. I would like to use this opportunity to introduce myself to you. well, I viginie toure 21years old girl and I know that this proposal might be a surprise to you but do consider it as an emergency.
In nutshell, My (late) father Mr. solomon toure was a very wealthy gold and cocoa merchant who based in Accra and Abidjan respectively. But he was killed along side with my mother during last two year's
Rabble attack and all his properties was totally destroyed.
However, after their death I managed to escape with a very important document (DEPOSIT CERTIFICATE (US$20.6m) Twenty million six hundred thousand U.S Dollars deposited by my late father in the bank which i am the next of kin.
Meanwhile, I am saddled with the problem of securing a trust worthy foreign personality to help me transfer the money over to his country and into his possession pending my arrival to meet with him.
Furthermore, you can contact the bank for confirmation and I will issue a letter of authorisation on your name, that will enable the bank to deal with you on my behalf.
I am giving you this offers as mentioned with every confidence on your acceptance to assist me or take me as your child and manage the money.
I am inclined to offer you 30% of the total sum as a mode of compensation for your effort after the successful transferring of these fund to your nominated account overseas
Conclusively, I wish you send me a reply immediately as soon as you receive this proposal.
I remain with the best regards
viginie toure.
eBay Unpaid Item Mutual Agreement for Item #220167484319 - Response Required
This email isn't particularly clever. It appears to be intended to catch people on their Christmas shopping, but there are loads of giveaways that it's fake.First, it still contains the line "Your registered name is included to help confirm this message originated from eBay", which ebay emails do include. But, it's sent to "undisclosed recipients" and no name is mentioned.
Next, it asks for a reply by 11 November - yet it was sent 2nd December. Cleverely, evey link does point to the fake site. Nothing like the Ebay URL, no pretence has been made there. But having taken the trouble to copy an ebay email I'm sure they will also have copied the emay logon screens. They are doing as much as they can to find logon details.
They are attempting to exploit a weakness. I personally don't think any finacial company should ever email links, but as far as I know, it is still done by various people. If you receive an email like this, whether it's genuine or potentially fake, don't click the links. Just type in the correct URL into your browser and go from there.
Here's the content of the email
Dear member,
We are contacting you about the following item: RALPH LAUREN BLACK METALLIC BIG PONY POLO M BNWT SL (#220167484319)
The seller, purplestarshines tells us you have mutually agreed not to complete the transaction (either because you returned or are returning the item for a refund, or because there was a misunderstanding) and has requested a credit for their eBay fees.
Please respond by 11-Nov-2007 so eBay knows whether you have made this agreement.
Please note: You and the seller will still be able to leave feedback for each other regarding this transaction.
Thank you,
eBay
Details for item number: 220167484319
Item title: RALPH LAUREN BLACK METALLIC BIG PONY POLO M BNWT SL
Item URL: http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=220167484319
End date: Friday, 02 Nov, 2007 18:50:54 GMT
Quantity: 1
Dispute URL: http://feedback.ebay.com/ws/eBayISAPI.dll?ViewDisputeConsole&DisputeType=1
Date dispute was opened: Sunday, 04 Nov, 2007 17:03:03 GMT
Saturday 1 December 2007
*** Important Notice from Lloyds TSB Bank Security Center ***
Just when I thought the phishers have removed me from all lists, one finally arrives.This is another one that pinches graphics from the genuine website, but the link is certainly far from genuine. The domain appears to be registered to someone in Los Angeles, and it's not a new domain. So it's possible the website owner doesn't even know they have this sitting on their website. But a Google search on the site doesn't reveal any pages, strange for a 3 year old site.
So don't press the link, don't visit the site - the content can't be guaranteed to be harmless. Here's a text version of the email.
Dear Valued Customer,
Be confident you're protected with Lloyds TSB BankSecure
We're committed to protecting you when you bank with us. Our industry-standard levels of security ensure that you can always access your Lloyds TSB accounts online with confidence.
To ensure you are always protected, we are introducing a new programme of security initiatives called BankSecure. Over the next few days, you'll see a number of initiatives that we'll put in place to make sure you stay secure and to help you protect your Internet banking information. We?re here to help you stay safe while banking online. Click the Personal log on button to proceed to Enrollment process
.
This update Email has being sent to all Lloyds TSB Bank customers, and it is compulsory to follow the update process, Failure to do so will cause problems with the Online banking in Future and immediate account suspension.
Thank you.
Online Banking Security Team
Online Services Security Department
©2007 Lloyds TSB Group plc.
Lloyds TSB Bank plc and Lloyds TSB Scotland plc are authorized and regulated by the Financial Services Authority and signatories to the Banking
Subscribe to:
Posts (Atom)