Another one targeting the NatWest today. This one has used the clever trick of stripping the email address in two and using the first part (before the @) as the To: display name, to give it a bit more authenticity.
Worryingly, the URL quite clearly also shows a field containing a compter_id = so they are tracking every email that's sent and which are clicked on.
The target URL is qwert2.hk, wich a subdomain that is used to make the link look realistic. The website does appear in a few Google search results as a suspected phishing site.
Here's the full details:
From: NatWest Bank Plc
Subject: Confirm your identity! (message id: [removed])
Displayed URL: http://www.natwest.com/
Destination URL: http://www.natwest.com.qwert2.hk/
NatWest Bank is committed to safeguarding customer information and combating fraud. We have implemented industry leading security initiatives, and our online banking services are protected by the strongest encryption methods and security protocols available. We continue to develop new solutions to provide our online banking services and their customers with confidence and security.
The added security measures require all NatWest Bank customers to complete on a regular basis Online Customer Form.
Please use the hyperlink below to access Online Customer Form:
http://www.natwest.com/onlinebanking/customerform.aspx?computer_id=[removed]
Thank you for banking with us!
NatWest Bank Customer Support
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment