Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Absa security scam

  1. #1
    just me duncan drennan's Avatar
    Join Date
    Jun 2006
    Location
    Cape Town
    Posts
    2,642
    Thanks
    119
    Thanked 94 Times in 77 Posts

    Absa security scam

    An in my second scam mail for the day, this one from "Absa"...yeah right

    ----

    Subject: Product Configuration Available

    Dear Customer,

    During our security research, we observed that our new 2010 Security Certificate Portfolio Launch was not successfully instilled for your online account , you can complete this section with online security page below and the program security Certificate software will be automatically Launched to protect you from any online Phishing attacks and unauthorized access into your online account, you can also visit your nearest branch for this service Certificate.

    click below to activate

    [link to dodgy website goes here - this one had an IP address instead of a domain name]


    Absa Security Board.
    [SIGPIC]Engineer Simplicity[/SIGPIC]
    Turn ideas into products | The Art of Engineering blog

  2. Thanks given for this post:

    BBBEE_CompSpec (19-Dec-09)

  3. #2
    Site Caretaker Dave A's Avatar
    Join Date
    May 2006
    Location
    Durban, South Africa
    Posts
    20,979
    Thanks
    3,055
    Thanked 2,462 Times in 2,067 Posts
    Blog Entries
    12
    Quote Originally Posted by duncan drennan View Post
    this one had an IP address instead of a domain name
    That's actually quite a sneaky twist
    The trouble with opportunity is it normally comes dressed up as work.

  4. Thanks given for this post:

    BBBEE_CompSpec (19-Dec-09)

  5. #3
    Diamond Member tec0's Avatar
    Join Date
    Jun 2009
    Location
    South Africa
    Posts
    4,270
    Thanks
    1,656
    Thanked 439 Times in 386 Posts
    Blog Entries
    3
    AND it is an inside JOB! Here is the thing: how do scammers know you have an ABSA account? Where did this information come from? THAT IS THE QUESTION. Really you need more than just blind luck.
    peace is a state of mind
    Disclaimer: everything written by me can be considered as fictional.

  6. Thanks given for this post:

    BBBEE_CompSpec (19-Dec-09)

  7. #4
    Suspended
    Join Date
    Oct 2009
    Location
    Cape Town
    Posts
    390
    Thanks
    407
    Thanked 55 Times in 43 Posts
    IP Addresses are easier to trace. Just put them into Google. Its a shame you cannot hide anywhere these days.

  8. #5
    Suspended
    Join Date
    Oct 2009
    Location
    Cape Town
    Posts
    390
    Thanks
    407
    Thanked 55 Times in 43 Posts
    The scammers take chances as I also received the email. I bank at Nedbank. Have been for the past 35 years. I have never banked at the other banks. They take guesses. If you send out one million emails how many people do you think are going to answer the call. 1% is enough to make a killing.

  9. #6
    Site Caretaker Dave A's Avatar
    Join Date
    May 2006
    Location
    Durban, South Africa
    Posts
    20,979
    Thanks
    3,055
    Thanked 2,462 Times in 2,067 Posts
    Blog Entries
    12
    Quote Originally Posted by tec0 View Post
    AND it is an inside JOB! Here is the thing: how do scammers know you have an ABSA account? Where did this information come from?
    I agree with Shaun - they don't know where you bank. I've had this sort of email for every major bank in South Africa including ones I don't have accounts with, and quite a few overseas banks as well.

    Once they've harvested your email address from somewhere (did anyone here get their free Nokia phone from Nokia, their bucks from Bill Gates etc. for forwarding an email to all their friends and copying in an email address to let them know?) your email address is on their list for life - and there is no unsubscribe option
    The trouble with opportunity is it normally comes dressed up as work.

  10. Thanks given for this post:

    BBBEE_CompSpec (19-Dec-09)

  11. #7
    Diamond Member tec0's Avatar
    Join Date
    Jun 2009
    Location
    South Africa
    Posts
    4,270
    Thanks
    1,656
    Thanked 439 Times in 386 Posts
    Blog Entries
    3
    Yes and again NO... See I did a little experiment. I use to have an ABSA e-mail account. Now it was useless because back in the day they only gave you something like 2MB thus your e-mails had to be small. Thus the e-mail account was useless!

    Still one Monday morning I woke up and found that I had to confirm my account immediately! Now yes it was a scam but then I got a brainwave. Let me change my e-mail address that is NOT in use to something impossible to guess. So I gave it an alphanumeric name that I still have difficulty typing yet alone guessing!

    Now I never ever used my new e-mail address but there it was... ABSA needs you to confirm you account immediately mail. So I phoned help desk and ask them how it was possible? They said they would come back to me. But it has been 7 years and still no response?? In 2009 I cancelled the service.

    Guessing will account for a good amount of scam-mail but again... I don’t know... sometimes it’s not just luck...
    peace is a state of mind
    Disclaimer: everything written by me can be considered as fictional.

  12. Thanks given for this post:

    BBBEE_CompSpec (19-Dec-09)

  13. #8
    Suspended
    Join Date
    Oct 2009
    Location
    Cape Town
    Posts
    390
    Thanks
    407
    Thanked 55 Times in 43 Posts
    Let me tell you one thing. Whether you think so or not, none of these Bank Scam emails come from the inside. Every site you give your email address to. Every bank you register with goes on a national database. Unless you sign a disclaimer asking the businesses or banks not to use your email address in a third party situation your email automatically becomes public domain.tec0 if you are on FB your email address and who you are is known by the whole world. And that includes all your hidden or non disclosed email addresses.

  14. #9
    Site Caretaker Dave A's Avatar
    Join Date
    May 2006
    Location
    Durban, South Africa
    Posts
    20,979
    Thanks
    3,055
    Thanked 2,462 Times in 2,067 Posts
    Blog Entries
    12
    Quote Originally Posted by BBBEE_CompSpec View Post
    Every site you give your email address to.
    *Cough* This site being one of them? Apart from the admin team, the only way anyone else can get to the email address you used to register here is if you disclose it yourself. If I missed a trick there, please let me know. I went to some trouble to make sure it was set up that way - precisely to prevent email address collections by the unscrupulous.
    Quote Originally Posted by BBBEE_CompSpec View Post
    Every bank you register with goes on a national database. Unless you sign a disclaimer asking the businesses or banks not to use your email address in a third party situation your email automatically becomes public domain.
    I'll have to find the relevant piece of legislation, but I recall nowadays it actually works the other way. They are obliged to ask your permission first to pass on your details to third parties for marketing purposes. Was it the NCA that brought about that little change?

    Yes, your details will go onto the national credit register as per the NCA, but that is not exactly in the public domain. As per the NCA, any person or enterprise that wishes to get your credit record requires your permission first.
    The trouble with opportunity is it normally comes dressed up as work.

  15. Thanks given for this post:

    BBBEE_CompSpec (19-Dec-09)

  16. #10
    Suspended
    Join Date
    Oct 2009
    Location
    Cape Town
    Posts
    390
    Thanks
    407
    Thanked 55 Times in 43 Posts
    Dave. You have secured third party access yourself. You took time to make the extra effort in trying to make your site as perfect as possible. Not many sites do so. Two banks guilty of the offense of not securing their clients details were Africa Bank and Capitec Bank. Prior to them qualifying as banks they were loan sharks.

    Some of the people into ID theft are very clever. They can get your details easily as the cover ups they use look extremely professional.

    Some people store all their private info in their cell phones. You've read articles of scammers accessing cell phone info.

    Facebook is the biggest scammer on this earth. And we are all guilty of allowing our info to be stolen as most of us are involved in this site. They have a disclaimer stating that if you enter into an application you will be making your soul accessible to other parties. All your info will be known by the very people that write and create that specific application. Absolutely nothing on Facebook is private unless your make it private.

    The Government Gazette is another guilty party for giving out private information.

    You'll be surprised how easy it is to get private info these days. The banks use outsourced means to obtain their goals. How do we know how kosher these companies or even their employees are?

    Very few businesses go that extra mile to ensure that their client database info is secure. We may have laws in place but even our government is guilty of breaching such laws.
    Last edited by BBBEE_CompSpec; 19-Dec-09 at 07:10 AM. Reason: Syntax Error

Page 1 of 2 12 LastLast

Similar Threads

  1. Holiday apartment deposit scam
    By Dave A in forum Scam Alert Forum
    Replies: 11
    Last Post: 02-Sep-11, 08:24 AM
  2. Teams satisfied with security arrangements
    By BBBEE_CompSpec in forum General Chat Forum
    Replies: 0
    Last Post: 08-Dec-09, 10:57 AM
  3. Tell-tale signs that indicate a scam
    By twinscythe12332 in forum Scam Alert Forum
    Replies: 1
    Last Post: 08-Oct-09, 09:30 AM

Tags for this Thread

Did you like this article? Share it with your favourite social network.

Did you like this article? Share it with your favourite social network.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •