Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    Subscriptions    Contact
Bookmark and Share

Issue 129 - April 2012 (2nd Edition) - Page 5

HSBC 'Password Entered Incorrectly' Phishing Scam

Issue 129 Start Menu

Previous Article            Next Article

Email purporting to be from ECU Australia claims that the recipient's ECU account has been limited due to a report of unauthorized credit card transactions and that he or she must therefore restore account access by submitting an attached form.

Brief Analysis
The email is not from ECU. In fact, the message is a phishing scam designed to steal credit card details from ECU customers. If you receive one of these emails, do not open any attachments or open any links that it may contain.

Bookmark and Share
Detailed analysis and references below example.

Last updated: 3rd April 2012
First published: 3rd April 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Subject: Case ID Number: ECU-503-410-563

Dear ECU Australia user,

As part of our security measures, we regularly screen activity in the ECU Australia system. We recently contacted you after noticing an issue on your account.

We requested information from you for the following reason:

We recently received a report of unauthorized credit card use associated with this account. As a precaution, we have limited access to your ECU Australia account in order to protect against future unauthorized transactions.

Case ID Number: ECU-503-410-563

This is a reminder to restore your account as soon as possible.

Please download the form attached to this email and open it in a web browser. Once opened, you will be provided with steps to restore your account access. We appreciate your understanding as we work to ensure account safety.

In accordance with ECU Australia's User Agreement, your account access will remain limited until the issue has been resolved. Unfortunately, if access to your account remains limited for an extended period of time, it may result in further limitations or eventual account closure. We encourage you to restore your ECU Australia account as soon as possible to help avoid this.

We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.

ECU Australia Account Review Department

ECU Australia Email ID PP638

Detailed Analysis
According to this emailed message, which purports to be from Australian based credit union, ECU Australia, the recipient's ECU account access has been limited due to a report of unauthorized credit card use. The recipient is instructed to open an attached web form and fill out the requested details in order to restore access to the account.

However, the email is not from ECU Australia and the claim that the recipient's ECU account has been limited is a lie. In fact, the message is a classic phishing scam designed to steal credit card details from unsuspecting account holders. Those who fall for the ruse and open the attached file as instructed will be presented with the following form in their web browser:

ECU Fake Form

The bogus form asks for name and address and credit card details. After the victim clicks the "Submit" button, all of the requested information can be collected by the criminals behind the scam and used for credit card fraud.

ECU has alerted customers to the scam emails, noting on its website:
It has come to our attention that ECU Australia has become target to a phishing/hoax email attack. The email contains an attachment which asks for information including credit card and other personal details.

Please be aware that ECU Australia will never send an email asking for this sort of information.

If you have inadvertently responded to one of these emails, please contact ECU Australia right away on 1800every1 (1800 383 791
If you receive one of these scam emails, do not open any attachments or click any links that it may contain.

Bookmark and Share References
Phishing Scams - Anti-Phishing Information
03 April 2012 - Scam email circulating

Previous Article            Next Article

Issue 129 Start Menu

Pages in this issue:
  1. RockMelt Virus Warning Hoax
  2. WhatsApp 'Servers Really Full' Hoax
  3. Circulated Warning Claims That Superheated Water In Microwave Can Explode
  4. Apple $100 Discount Card Phishing Scam
  5. HSBC 'Password Entered Incorrectly' Phishing Scam
  6. Viral Video Depicts Fatal Smash Between SUV and Truck
  7. Unsubstantiated Warning - Johannesburg Freeways 'Complete Shutdown 25th April'
  8. Facebook Page Hacker Warning Message - "Visit The New Facebook" Links
  9. Google Promotion Award Advance Fee Scam
  10. US Airways 'Flight Confirmation' Malware Emails
  11. Disabled Student Left Out of School Choral Performance
  12. Hoax: Facebook to Start Charging This Summer - Facebook Icon Will Turn Blue