Scroll down to submit comments
Last updated: August 1, 2012
First published: August 1, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer
Subject: Your Attention Is Needed From LloydsTSB Bank
Please note that starting from this month
we will be introducing new online
banking authentication procedures in order to
protect the private information of all online
You are required to confirm your online
banking details with us, as you will not be
able to have access to your accounts until this has
Confirm your account now to continue banking with
Click here to confirm
This email, which has been created so that it appears to originate from UK banking group Lloyds TSB, notifies recipients that new banking authentication procedures will soon be introduced. According to the message, these new procedures will help protect the privacy of online banking users. The email claims that, because of these impending changes, Lloyds TSB customers must confirm their banking details by following a link in the message. But, warns the message, customers will not be able to access their online accounts until their details have been confirmed.
In fact, the email has no connection whatsoever with Lloyds TSB and is certainly not a legitimate banking notification message. In fact, the message is a phishing scam. By creating a message that appears to be a legitimate banking notification, the criminal perpetrators of this scam attempt hope to fool unwary Lloyds TSB customers into divulging sensitive personal and financial information.
Bank customers who are fooled by the fake email and click the email link will first be taken to a bogus webpage and asked to enter their bank login details. The page is designed by its criminal creators to closely mimic the real Lloyds TSB login page. Once victims have logged in on the fake page, they will then be presented with an account confirmation form hosted on a second fake page that asks for name, address and identification details as well as credit card and banking information. If victims provide all of the requested information and hit the "submit" button, they will then receive a final message informing them that their account confirmation has been successfully completed.
Alas, all of the information submitted on the fake web pages will be harvested by the criminals and used to commit bank and credit card fraud and identity theft. Because the criminals now have the login credentials supplied by their victims, they can go to the real Lloyds TSB website and gain access to the compromised accounts at will.
This is a typical phishing scam the likes of which I have discussed many times before on these pages. Unfortunately, despite many warnings about such scams online and even in the mainstream media, people all around the world continue to get taken in by phishing scams just like this one. Phishing scammers use many and varied cover stories to disguise their nefarious intentions. Internet users should be very wary of any email that claims they must update, confirm or verify account information by clicking a link or opening an attached file. Real organizations are unlikely to make such a request to customers via a generic and unsolicited email like the example shown above.
As a simple safety precaution, users should always login to any of their online accounts by typing the account website address into their browser's address bar.
Phishing Scams - Anti-Phishing Information
Lloyds TSB Phisher Scam