Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    Subscriptions    Contact
Bookmark and Share

Issue 131 - May 2012 (2nd Edition) - Page 16

Santander Online Banking Software Upgrade Phishing Scam

Issue 131 Start Menu

Previous Article            Next Article

Email, purporting to be from large banking group Santander, claims that, due to a scheduled security software upgrade, the recipient must click a link to upgrade their account immediately.

Brief Analysis
The email is not from Santander. In fact, the message is a phishing scam designed to steal login and banking details from Santander customers.

Bookmark and Share
Detailed analysis and references below example.

Last updated: 30th April 2012
First published: 30th April 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Subject: Santander Online Banking Notice

Dear Valued Customer,

Santander Online Banking technical services department is carrying out a scheduled software upgrade to improve the quality of services for the bank's customers. Please upgrade immediately by clicking on this link below:

Secure Sign-In Access

Thank you for your prompt attention to this matter.

Security Department

Detailed Analysis
This bogus message falsely claims to be from the security department of large banking group Santander. In a tried and tested phishing technique, the criminals responsible for this scam attempt claim that recipients must immediately click a link to update their banking details due to a scheduled software upgrade. Supposedly, this software upgrade will result in improved services for customers.

But, of course, the message is certainly not from Santander and the claim that the recipient must upgrade his or her account is untrue. The supposed account upgrade requirement is simply the bait used to trick victims into visiting a fake "Santander Online Bank" website and submitting their personal information. The fake site has been made to look very similar to the genuine Santander website. Those who fall for the trick and click the "upgrade" link will first be taken to a bogus bank login page as depicted in the following screenshot:

Santander Phishing Scam Login

Next, the victim is taken to a second fake page that asks for the account passcode, pin and contact details:

Santander Phishing Scam Bogus Form

After submitting the requested information, the victim is taken to a third fake page that asks for the security verification questions attached to the account:

Santander Phishing Questions and Answers

Finally, the victim receives a pop-up message advising that the verification request has been successfully completed:

Fake Verfication Successful message

After clicking the "OK" button, the victim is then automatically redirected to the UK branch of the genuine Santander website. Meanwhile, the criminals behind the scam will be able to collect all of the submitted information and use it to hijack their victim's real Santander account and commit fraud and identity theft.

130advises its customers about such scams via its website. As with other legitimate banks and financial institutions, Santander will never ask customers to provide online bank details via an email.

Phishing is a very common form of online scam. To learn more about phishing scams and how to avoid them, see:
Phishing Scams - Anti-Phishing Information

Bookmark and Share References
Common Threats - Phishing
Phishing Scams - Anti-Phishing Information

Previous Article            Next Article

Issue 131 Start Menu

Pages in this issue:
  1. Paypal 'We Need Your Help Resolving an Issue With Your Account' Phishing Scam
  2. Boy Shot By Step Dad Charity Hoax
  3. One Direction Facebook Page Hacker Warning Message
  4. Windows Live 'Account Blocked' Phishing Scam
  5. 'Quilts in the Snow Photographs' - The Art of Simon Beck
  6. Shark Behind Scuba Divers Photo Hoax
  7. Facebook Survey Scam - Free Oakleys To All Facebook Users!
  8. Gang Initiation Warning Hoax - Infant Car Seat Left On Roadside
  9. Do Not Call - Mobile Phones Going Public Hoax
  10. Amazon 'Order Cancellation' Pharmacy Spam Emails
  11. Commonwealth Bank Phishing Scam - Online Access Suspended Message
  12. Circus Cruelty to Animals Protest Message - Baby Elephant Photograph
  13. Survey Scam - Free $1000 Walmart Gift Card Text Message
  14. Pharmacy Spam Emails Purport to be From YouTube
  15. Hoax - Picture of 'World's Largest Tortoise'
  16. Santander Online Banking Software Upgrade Phishing Scam
  17. Apple Store Account Phishing Scam
  18. Legitimate: 'Reminder to Update Your Legacy Blogger Account' Email