Banking details confirmation scam

  • Dave A
    Site Caretaker

    • May 2006
    • 22803

    #1

    Banking details confirmation scam

    A phishing scam that has been floating around for quite a while now.

    The scam consists of an email urging you to click through a link to confirm your banking details due to a systems upgrade or some other change at your bank. If you click through, the site looks remarkably like your normal internet banking interface.

    Visually, these approaches often look quite genuine, with the scamsters taking pains to make the approach look as realistic as possible. However, the site is definitely not your bank, but folks trying to gain critical password information so that they can empty your bank account.

    In the example shown below, the entire message is actually an embedded graphic set up as a hotspot link to the phishing site. A victim would click through and log on as per how they would for a normal internet banking session.
    Attached Files
    Participation is voluntary.

    Alcocks Electrical Services | Alcocks Pest Control & Entomological Services | Alcocks Hygiene Services
  • entoserv
    Full Member

    • Jun 2006
    • 60

    #2
    I've seen these too - but not for any South African banks.

    Has anyone heard of this happening with a South African bank?


    • Dave A
      Site Caretaker

      • May 2006
      • 22803

      #3
      Apparently these phishing scamsters have now found South Africa.

      All I can recommend is to go to your bank's website:
      • From your own computer - don't use public computers, and
      • By typing the bank's URL directly into your address bar.

      If you have set your bank's homepage as a Favorite, just take a look at the URL when you go there. It should be as simple as the day you saved it.

      It's hard not to seem a touch paranoid about these things, but when it comes to online banking - you really need to pay attention.

      • Dave A
        Site Caretaker

        • May 2006
        • 22803

        #4
        FNB phishing scam

        I've received this phishing email for a "problem" I have with my FNB account. First problem - I don't have an FNB account.


        Dear FNB Customer:

        We recently have determined that different computers have logged into your Fnb Online Banking account, and multiple password failures were present before the logons.
        We now need you to log into your account and verify your account activity.
        account we have issued this warning message.

        It has come to our attention that your Fnb Bank account information needs to be reactivated as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website in this new Season.
        Once you have reactivated your account records your Fnb Online Banking account service will not be interrupted and will continue as normal.


        To reactivate your Fnb account records click on the following link:

        https://www.online.fnb.co.za/signon?LOB=reactivateAcct
        (That's what is shown - the link actually goes to http://wellsfargoery.web.aplus.net/fnb/index.htm)

        Accounts Management As outlined in our User Agreement, FNB will periodically send you information about site changes and enhancements.

        Visit our Privacy Policy and User Agreement if you have any questions.
        https://www.fnb.co.za/help /index.jhtml

        • Dave A
          Site Caretaker

          • May 2006
          • 22803

          #5
          The phishing assault on Standard Bank customers has begun. I've just received this:

          <https://www2.encrypt.standardbank.co.za/ibsa/images/logoWhiteOnBlue_en_ZA.gif>

          Because of unusual number of invalid login attempts on your account, we had to believe that there might be some security problems on your account.
          So we have decided to put an extra verification process to ensure your identity and your account security.
          Standard Bank security department has request for your account informations including your registered email address and your email password.
          These will be used in our upcoming security enhancement which will be taking place on the 27th of May 2007.
          These Informations are mandatory to complete your verification as a legitimate member of Standard Bank Limited.
          please take 5-10 minutes
          out of your online experience and verify your personal records so that you will not run into any future problems with the online service.

          Please click on sign in to Online Banking <http://www.youartist.com/modules/standardbankupdate/signonmenu.htm> to continue to the verification process and ensure your account security.
          It is all about your security. Thank you

          Regards
          Standard Bank Limited
          Image - Handshake<http://www.aibgb.co.uk/servlet/BlobServer?blobkey=id&blobwhere=1096576951800&blob col=url_image&blobtable=GB_Image&blobheader=image/jpeg>
          Be careful out there folks.

          • RKS Computer Solutions
            Email problem

            • Apr 2007
            • 626

            #6
            These bastards will never stop....


            • stephanfx
              Email problem

              • Apr 2007
              • 203

              #7
              I got it on the general email at work, one from ABSA, Third bank, FNB and Standard Bank! Amazing where they get it from...


              • Dave A
                Site Caretaker

                • May 2006
                • 22803

                #8
                I suspect they don't have to empty too many bank accounts to make a pretty wholesome profit.

                • stephanfx
                  Email problem

                  • Apr 2007
                  • 203

                  #9
                  I just received another email (3 in fact) from "Standard Bank" to confirm my details.

                  1: I don't bank with Standard Bank :P

                  The thing is that the link sent in the email is directed at a website with a PR of 4. I am always interested to see where they lead. There is a picture and address of the person who runs the site. It is in Arabic or some other and it is just amazing that it is still up and running...


                  • Eugene
                    Silver Member

                    • May 2007
                    • 297

                    #10
                    Well well, just cleaned up my mailbox and also received an FNB letter (as an undisclosed recipient) wanting to confirm my details. As everyone else I have never banked with FNB and actually hoped that a distant relative left me a huge chunk of money in an FNB account that I was not aware of, but to no avail. I think that with the new National Credit Act coming into force in the next week we might see more of these letters doing the rounds....


                    • Dave A
                      Site Caretaker

                      • May 2006
                      • 22803

                      #11
                      A related story coming out:
                      If you bank via the internet, beware of the latest scam - fraudsters may try to get you to receive by email the one-time password (OTP) your bank issues so that they can intercept it. Once criminals have your OTP, they can use it in combination with your account log-on details to transfer money out of your account.

                      In an attempt to stop online fraud, the banks issue OTPs, which you must enter each time you want to amend your contact details or change your beneficiaries. This password is valid for a single internet banking session only.

                      Fraudsters are now trying to intercept these OTPs so that if they manage to obtain your account log-in details, they can add themselves as a beneficiary and transfer money out of your account.

                      The major banks are taking steps to address the problem by encouraging you to receive your OTP by SMS rather than by email.

                      They say no South African bank will ask you to verify your personal identification number (PIN) in an email. If you receive such an email, you should not respond as it is likely to be from a fraudster after your log-in details.
                      from Personal Finance here
                      Is there a way fraudsters could intercept an OTP and use it before you do?

                      • Dave A
                        Site Caretaker

                        • May 2006
                        • 22803

                        #12
                        Hmm. I think this is what the fuss is about. I received this email today (and I'm not an ABSA client):
                        We recently noticed one or more attempts to log in to your ABSA account from a foreign IP address.
                        Because of this unauthorized number of login attempts on your account, we had to believe that there might
                        be some security problems on your account and we have suspended your account temporary.
                        So we have decided to put an extra verification process to ensure your identity and your account security.

                        ABSA Bank security department has request for your account information including
                        your registered email address and the password to the email address.
                        These will be use in our upcoming security enhancement, which will be taking place on the 31th of June 2007.

                        This Information is mandatory to complete your verification as a legitimate member of ABSA Bank.

                        However, you are required to use your computer keyboard and not the touch pad in completing
                        the step 2 of this verification.
                        Please take 5-10 minutes
                        out of your online experience and verify your personal records so that you will not run into
                        any future problems with the online service.

                        (Link shows as) https://www.absa.co.za/verify/cgi-bin/webscr?cmd=_login-run (but actually goes to http://www.virtuulis.com/becres/modules/Forums/absa/ipjps_files/index.htm )

                        If you choose not to complete this request, you give us no choice but to suspend your account temporary.

                        It takes at least 72 hours for the investigation in this case and we strongly recommend you to verify
                        your account at that time.
                        Thanks for your patience as we work together to protect your account.

                        ABSA Security Department.
                        Now if they get the password to your email account, and have collected the online banking log-in information - they can get past the one time password feature if enabled by email.

                        I'm not familiar with the ABSA online banking site, but I suppose you can also change to OTP via email there...

                        Expect similar attacks on the other banks - although Standard Bank has introduced big warnings in red about this phishing attack in their log-in page.

                        • Dave S
                          Gold Member

                          • Jun 2007
                          • 733

                          #13
                          DaveShe

                          Hi Folks,

                          I got this one about 5 times this morning, remember never to click a link in an e-mail. This is obviously a Phishing attempt.

                          "June 2007

                          Dear Valued Customer,
                          Financial institutions around the world have always been subject to attempts by criminals to try and defraud
                          money from them and their customers. These attempts can occur in a number of ways ( e.g. credit card fraud,
                          telephone banking or Internet scams).

                          As a part of our ongoing commitment to provide the "Best Possible" service and Protection to all our Members this year,
                          we are now requiring each member to validate their accounts using our new secure and safe SSL servers. To
                          validate your online banking account click on Log In To Online Banking.
                          This Email has being sent to all ABSA Banking customers, and it is compulsory to follow
                          as failure to verify account details will lead to account suspension.

                          Thank you.
                          Online Banking Security Team
                          ABSA Bank Security Department
                          ABSA Bank Limited
                          With Absa's Digital Banking services, you can open a bank account, get a loan, or sign up for internet banking quickly and easily.

                          ABSA, Today, tommorow, together
                          © All Rights Reserved. ABSA Bank Limited. SA
                          Do NOT reply to this message, as replies would not be answered

                          TRACKING NUMBER: A00001337816-00005310113"

                          These people are the pits!!!!!
                          Today Defines Tomorrow
                          Errare Humanum Est Remitto Divinus


                          • stephanfx
                            Email problem

                            • Apr 2007
                            • 203

                            #14
                            I have been banking online for quite some time now and I must admit that these people are really going at it. I wonder if there are any stats on how many people actually fall for this, and if they do, what is normally the banks' response?


                            • Dave A
                              Site Caretaker

                              • May 2006
                              • 22803

                              #15
                              They've started on Nedbank now

                              I got this phishing attempt on Nedbank this morning.
                              Dear Customer
                              We're committed to protecting you when you bank with us.Our industry-standard
                              levels of security ensure that you can always access your NedBank Accounts online with confidence.
                              To ensure you are always protected, we are introducing a new programme of security initiatives,
                              with our new Online Banking access homepage.

                              Over the next few months, you’ll see a number of changes in our online services access
                              that we put in place to make sure you stay secure and to help you
                              protect your Internet banking information.
                              We’re here to help you stay safe while banking online.
                              In this manner your Online Banking services needs to be reactivated to ensure a safe banking with us.
                              To reactivate your NedBank records click on the following link:
                              https://netbank.nedsecure.co.za/customer/ (actually links to http://www.vsnk.fi/help/nedd.htm)
                              Thank You.
                              Accounts Management As outlined in our User Agreement, NedBank will
                              periodically send you information about site changes and enhancements.

                              Visit our Privacy Policy and User Agreement if you have any questions.
                              http://www.nedbank.co.za/help /index.html
                              As always, note that the link to click does not take you to the URL it purports to be. And the link to the privacy policy and user agreement is not in fact a link at all.
                              Last edited by duncan drennan; 24-Jul-07, 08:32 AM. Reason: changed links to stop parsing and linking
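The check several posts in this thread do by hand (the address shown is not the address the link goes to, or the whole message is one clickable image) can be automated for an HTML mail body. This is an added example, not part of any post above; the trusted-domain list and the `phish.example` placeholder are assumptions, and the sample HTML is constructed around the link targets quoted in posts #4 and #5.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit
import re

URL_IN_TEXT = re.compile(r"(?:https?://|www\.)[^\s<>\"')]+", re.I)
TRUSTED = ("fnb.co.za", "standardbank.co.za")  # assumption: the reader's own banks
# Constructed sample: link targets quoted in the posts above, plus a placeholder.
SAMPLE = """
<a href="http://wellsfargoery.web.aplus.net/fnb/index.htm">https://www.online.fnb.co.za/signon?LOB=reactivateAcct</a>
<a href="http://www.youartist.com/modules/standardbankupdate/signonmenu.htm">sign in to Online Banking</a>
<a href="http://phish.example/login"><img src="letter.gif"></a>
<a href="https://www.fnb.co.za/help">https://www.fnb.co.za/help</a>
"""

def host_of(url):  # lower-cased hostname; a bare www.* string gets a scheme first
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").lower().rstrip(".")

class LinkCollector(HTMLParser):  # gathers (href, visible text, wraps_image)
    def __init__(self):
        super().__init__()
        self.links, self._cur = [], None
    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a" and attrs.get("href"):
            self._cur = [attrs["href"], "", False]
        elif tag == "area" and attrs.get("href"):   # image-map hotspot
            self.links.append((attrs["href"], "", True))
        elif tag == "img" and self._cur is not None:
            self._cur[2] = True
    def handle_data(self, data):
        if self._cur is not None:
            self._cur[1] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._cur is not None:
            self.links.append(tuple(self._cur))
            self._cur = None

def audit(html, trusted=()):  # -> [(reason, host shown, host actually linked)]
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text, wraps_image in parser.links:
        real = host_of(href)
        ok = any(real == t or real.endswith("." + t) for t in trusted)
        shown = URL_IN_TEXT.search(text)
        if shown and host_of(shown.group()) != real:
            findings.append(("mismatch", host_of(shown.group()), real))
        elif not ok and wraps_image and not text.strip():
            findings.append(("image-only", "", real))
        elif trusted and not ok:
            findings.append(("untrusted", "", real))
    return findings
```

`audit(SAMPLE, TRUSTED)` reports the first three links and passes the fourth, whose visible address and target agree on a trusted domain.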