This sample has been generated to provide our customers with an example of online fraud. The message attempts to trick customers into revealing sensitive information including their account number and their password. It prompts customers to take action by threatening to deactivate an account that may have been compromised. Customers are urged never to provide information or attempt logons unless they have physically typed the website address in their browser.
The offending e-mail is presented below as an image. Notice the presence of the company logo and copyright information, its presence does not ensure that an e-mail is valid. The presence of spelling errors can be an indication that an e-mail is fraudulent. In this sample, the word 'exiting' in the first sentence should actually be 'existing'. The clickable link in the e-mail can direct customers to an untrusted site, not to the URL represented by the clickable link. This can be hard to detect.
A screenshot of the e-mail in question.
If a customer clicks on the link in the e-mail, they are taken to a website that appears to be an XYZ Bank site. The URL shown in the browser and the general appearance of the site might lead one to believe it is a trusted site, but this may not be the case. The only way to be completely safe is to avoid using a site unless you have physically typed in the URL.
|
