Results 1 to 8 of 8

Thread: ABSA Bank Security Update Center phishing scam

  1. #1
    Site Caretaker Dave A's Avatar
    Join Date
    May 2006
    Location
    Durban, South Africa
    Posts
    20,978
    Thanks
    3,055
    Thanked 2,462 Times in 2,067 Posts
    Blog Entries
    12

    ABSA Bank Security Update Center phishing scam

    This is one of the scariest phishing scams I've seen yet. Thank goodness the grammar is so shocking (and that I don't actually have an ABSA account), but there are a number of reasons this phishing attempt is particularly impressive.

    Dear value Customer,a program as been developed in other to verify the existence of your account with us.
    In the cause of this process we developed an online security banking system (SentryBay) to protect your account.
    We require you to bear with us online for few minutes and follow the instructions as we will be sending you some sms for the verification purpose and it will be require in other to complete the Activation Program.

    Do find an Encryption attachement below and download to begin the program.
    ================================
    NB: Please do not reply to this email directly.
    To ensure a prompt and secure response, SIGN ON to email us.
    Absa Privacy and Security Department
    Copyright (c) 2011
    NB:Please do find your download Encryption on your computer inside downloads folder by extreme left on top corner under favorites.


    The email comes with an HTML attachment, which is where the mischief really starts to get scary.

    Then there's the preparation for the one time password SMS which you need to feed back to them.

    And finally, when I go digging into the properties of the email to track back the real sender, the forged portion of the header detail is absolutely brilliantly done. You could easily mistake the actual routing section was just an intermediary.
    The trouble with opportunity is it normally comes dressed up as work.

  2. #2
    Full Member kahoel117's Avatar
    Join Date
    Aug 2011
    Location
    cape town
    Posts
    61
    Thanks
    6
    Thanked 4 Times in 4 Posts

    Exclamation

    the crooks is getting too clever

    i'm at absa and what i do is put any email from any bank on my spam list. all banks is being targeted anyways.

    snail mail is always the best ...

  3. #3
    Email problem mother's Avatar
    Join Date
    Jul 2011
    Location
    Northwest Province
    Posts
    333
    Thanks
    31
    Thanked 45 Times in 35 Posts
    Blog Entries
    2
    I have been getting SO many phishing e-mails lately, I want to scream! I'm not kidding you, at least 4 or 5 per day! I block the senders as soon as I receive one, but of course there are always new crooks (or the same crooks with different addresses). I tell you, I SO badly want to reply to one of these mails, and tell them:

    "F%#^$k you! Do you think I'm a f&^$*king moron? You f%$^king a%^$hole! Stop pestering me, or I will f^&%$king hunt you down and f%$%king kill you!"

    But I don't.

    Is there any way one can really BLOCK a sender, so the mail they send will bounce back to them, instead of just going to my Junkmail folder?

  4. #4
    Site Caretaker Dave A's Avatar
    Join Date
    May 2006
    Location
    Durban, South Africa
    Posts
    20,978
    Thanks
    3,055
    Thanked 2,462 Times in 2,067 Posts
    Blog Entries
    12
    Quote Originally Posted by mother View Post
    Is there any way one can really BLOCK a sender, so the mail they send will bounce back to them, instead of just going to my Junkmail folder?
    That's part of what stunned me with this one - it didn't get picked for junkmail status because of the authority of the sending route, and it pressed all the right "traceability" buttons. I'm trying to figure out if a good site got hacked or something, but this one had all the right stuff to maximise the chances of deliverability.

    The wording may be a bit dodge, but on a technical level the email was superb. Not only was it without all the hidden technical gremlins that normally make a phishing email easy to spot if you know where to look, it actually had credibility builders and genuine source verifiers in there.
    The trouble with opportunity is it normally comes dressed up as work.

  5. #5
    Silver Member geraldenek's Avatar
    Join Date
    Jul 2008
    Location
    Somerset West
    Posts
    229
    Thanks
    19
    Thanked 112 Times in 80 Posts
    Quote Originally Posted by Dave A View Post
    Thank goodness the grammar is so shocking.
    Shocking....the least they can do is make sure their grammar and spelling is correct....
    Geraldene Kapp
    Professional Tax Help
    www.mytaxhelp.co.za

  6. #6
    Full Member kahoel117's Avatar
    Join Date
    Aug 2011
    Location
    cape town
    Posts
    61
    Thanks
    6
    Thanked 4 Times in 4 Posts
    the banks know where the spam email comes from (source). cant they contact the relevant isp's to sort out the problem ?

  7. #7
    Diamond Member Justloadit's Avatar
    Join Date
    Nov 2010
    Location
    Johannesburg
    Posts
    2,671
    Thanks
    88
    Thanked 544 Times in 460 Posts
    Blog Entries
    1
    Quote Originally Posted by kahoel117 View Post
    the banks know where the spam email comes from (source). cant they contact the relevant isp's to sort out the problem ?
    Not really, because they change the source on every batch of spam. One reason for trying very hard to do spoofing is to fool the systems from where the email originates.
    Victor - Knowledge is a blessing or a curse, your current circumstances make you decide!
    Solar and LED lighting solutions - www.microsolve.co.za

  8. #8
    Gold Member Sparks's Avatar
    Join Date
    Dec 2009
    Location
    Port Elizabeth
    Posts
    826
    Thanks
    15
    Thanked 110 Times in 88 Posts
    The one I received was not even on a ABSA letterhead.

    When I checked the source to find the IP it actually said that it had originated from my own IP!!!

Similar Threads

  1. COC on shop in a shopping center
    By skatingsparks in forum Electrical Contracting Industry Forum
    Replies: 1
    Last Post: 29-Apr-10, 11:18 AM
  2. Absa security scam
    By duncan drennan in forum Scam Alert Forum
    Replies: 11
    Last Post: 28-Mar-10, 10:11 PM
  3. Security software scam
    By Dave A in forum Scam Alert Forum
    Replies: 1
    Last Post: 13-Jan-10, 02:12 PM
  4. Inane Call center operator scripts
    By Marq in forum Marketing Forum
    Replies: 6
    Last Post: 18-Aug-09, 03:47 PM
  5. Replies: 0
    Last Post: 22-Mar-07, 06:02 PM

Tags for this Thread

Did you like this article? Share it with your favourite social network.

Did you like this article? Share it with your favourite social network.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •