Issue 137 - August 2012 (2nd Edition) - Page 2

Nationwide Phishing Scam Emails

Outline
Series of emails purporting to be from UK based financial institution, Nationwide urge recipients to click links in the messages in order to rectify supposed account problems.

Brief Analysis
The emails do not come from Nationwide. Instead they are sent by online criminals intent on tricking Nationwide customers into divulging their account login details.

Detailed analysis and references below example.

Enter your email address to subscribe to the Hoax-Slayer Newsletter:

Last updated: August 14, 2012
First published: August 14, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Examples

Subj: Nationwide Account Notification

Dear Valued customer,

We are committed to protect your account
with the best technology adopted to keep your details safe
and dedicated teams to monitor online activities and intercept any suspicious actions.

Click Here To Proceed

Thank you for your Co-operation
Customer Service

Nationwide Building Society-Internet Banking

Subj: Nationwide Account Notification

Dear Nationwide customer,

Due to the fraudulent activities noticed on our online banking, we have decided to make an Update page for your account for security reasons
and to prevent you and your account from fraudulent activities. This update is compulsory for every customer.

As part of our ongoing commitment to provide safe online experience and protection to all our customers,
we are requiring each Customer to Update their account using the new secured servers.

Please Update your online banking account by clicking on the secure link provided below:

[Link removed]

Thanks for your co-operation.

Fraud Prevention Unit
Legal Advisor
© Nationwide Bank plc 2012

Subj: Nationwide:Important Alert

Dear Customer:

Your Secure login details seem to have been compromised.

Please log in to the secure link below, and verify your security

details to avoid an unnecessary suspension of your account.

To log in and verify your account click go here :

Online Banking Secure Login Page

Note:

This e-mail was sent on behalf of the online banking community, If you do not have an online banking with Nationwide Internet Banking ignore this message.

Subj: Important Information!

Important Information

Dear Customer,

You have an incoming payment slated for your account. This transaction cannot be completed due to errors present in your account information's .

Please note that the we shall have no liability if you are unable to use Internet Banking because of the failure of any machine, data processing system or transmission link or anything else beyond our, or our agents reasonable control.

We have taken reasonable steps to ensure that electronic mail and other transmissions passing over the Internet are not interfered with by third parties. However, we cannot guarantee the privacy or confidentiality of any information passing over the internet or that it will not be interfered with.

You are required to click on the link below to fix this problem immediately.

[Link removed]

© Nationwide Building Society is authorised and regulated by the Financial Services Authority under registration number 106078. Credit facilities other than regulated mortgages are not regulated by the Financial Services Authority. You can confirm our registration on the FSA’s website, www.fsa.gov.uk or by contacting the FSA on 0300 500 5000.

Detailed Analysis
Customers of UK based building society Nationwide, have recently been targeted in a series of phishing scams. Emails warning of various Nationwide account security or payment issues have been randomly distributed to many thousands of inboxes. The urgent sounding messages ask recipients to click a link in order to rectify the problem and warn that failure to comply with the requests may result in account suspensions or compromised account security. Some variants ask users to open an attached file rather than click a link.

Clicking the link or opening the attachment reveals a fraudulent Nationwide "login" website. The fake pages on the site ask users to submit their Nationwide customer number followed by the memorial data, banking pin and passnumber associated with the account. The fake pages include seemingly genuine Nationwide graphics, logos and formatting to make them appear legitimate. After victims have submitted the requested login details on the fake website, they will be automatically redirected to the real Nationwide website.

Meanwhile, the scammers are able to collect all of the submitted details and use them to hijack the real Nationwide accounts of their victims. Nationwide has published information about such phishing attacks on its website.

Phishing is a very common criminal ploy that targets customers of many financial institutions all around the world. Legitimate banks or other online services are very unlikely to send generic emails that urge users to click a link or open an attachment to rectify an account problem. If you receive such an email, do not click any links or open any attachments that it may contain.

It is always safest to access your online accounts by entering the account web address into your browser's address bar rather than by clicking a link in an unsolicited email.

References
Nationwide - Online fraud
Phishing Scams - Anti-Phishing Information

Previous Article Next Article

Issue 137 Start Menu

Pages in this issue: