Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    Subscriptions    Contact
Bookmark and Share

Issue 137 - August 2012 (2nd Edition) - Page 33

ABSA 'Authorized EFT Payment Received' Phishing Scam

Issue 137 Start Menu

Previous Article            Next Article

Email purporting to be from South African bank ABSA claims that the recipient must approve a pending EFT payment by opening an attached file and supplying account login details.

Brief Analysis
The message is not from ABSA. Instead, it is a phishing scam designed to trick ABSA customers into divulging their account login details to Internet criminals. If you receive this or a similar email, do not open any attachments or click on any links that it contains.

Bookmark and Share
Detailed analysis and references below example.

Scroll down to submit comments
Last updated: July 31, 2012
First published: July 31, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Subject: Authorized EFT Payment Received

EFT Payment Received!

Valued Clients,

You have a pending EFT payment selected for your account. We are unable to process this payment to your account as your approval is required to authorize the credit to reflect in your account, Please approve the payment to receive your incoming EFT deposit, follow the instructions below to approve your payments.

Please ensure to enter security RVN numbers sent to your cellphone Number to approve this transfer, failure to do so will reverse this payment.

Please download attached encrypted zipped statement. We have encrypted your account statement in a secure zip folder which can be downloaded directly from our database, download the zip folder, save or open on your computer, you will find your statement encrypted Statement_07-2012, double-click to open now from our mobile website and be automatically logged into your account to approve your payments.

ABSA Mobile Banking!

Please accept our apologies for any inconvenience this action may have caused.

Thank you for banking with us.

ABSA Pending EFT Phishing Scam

Detailed Analysis
According to this email, which purports to be from South Africa's ABSA bank, the recipient has an EFT payment pending for his or her ABSA account. The message claims that the EFT payment has not yet been processed because the account holder is required to approve the supposed funds transfer. The recipient is instructed to unzip an attached folder and then open an "encrypted" account statement in order to approve the pending payment.

However, the email is certainly not from ABSA. The message is a phishing scam that attempts to fool ABSA customers into submitting their account login details to Internet criminals. Those who unzip the attached folder and click the "account statement" file as instructed will be presented with the following login form, which loads in their web browser:

ABSA Scam Login Page

Those who fall for the ruse and enter their account details, will next be taken to a page that claims that they must wait for a phone text message to be sent to them before finally authorizing the pending EFT payment. However, this supposed requirement appears to be just a delaying tactic. Since the criminals behind the scam are unlikely to have the victim's mobile phone number, the supposed RVN SMS will never arrive. In fact, the bogus website allows the victim to click "continue" without entering any RVN number. After clicking "Continue", the victim is then shown the following message:

Please wait while your account is been verified...
Upon successful verification, your account will be logged off and new security upgrades will be applied. Your account credit payment will now be authorized and security updates will be applied to your account profile... Please wait 45 minutes to logon again

At this point the victim believes that the approval process has been successful. And the account holder may dutifully wait 45 minutes before logging in to his or her account. The scammers can use this waiting time to collect the victim's login details via the fake form and login to his or her real ABSA account. Once they have gained access to the compromised account, the scammers can first change the victim's login details, thereby locking out the rightful owner. They can then steal money from the account and use it to conduct further fraudulent activities and transactions at will.

Thus, the hapless victim may not even realize that he or she has been phished until it is too late. This is a fairly sophisticated phishing attempt in that it uses spoofed addresses, stolen ABSA graphics and a reasonably plausible cover story to make the claims in the scam message seem more legitimate. As noted, it also attempts to delay discovery by asking victims to wait 45 minutes before logging in to their accounts.

Be wary of any email that claims that you must open an attachment or click a link in order to login to your account and verify or update account information. It is always safest to login to your online accounts by entering the account address into your web browser's address bar.

Phishing is a very common type of Internet fraud that continues to gain new victims all around the world every day. Like other major financial institutions, ABSA is regularly targeted in such scams. ABSA has published information on its website warning customers about phishing scams.

Bookmark and Share

Previous Article            Next Article

Issue 137 Start Menu

Pages in this issue:
  1. Anti Text-Driving Message - Car Wedged Under Truck Image
  2. Nationwide Phishing Scam Emails
  3. Faux Image - Double Sunset on Mars
  4. Microsoft Cyber-Crime Department Phishing Scam
  5. Does A Photo Depict A Puppy Being Forced to Drink Vodka?
  6. Post Circulating Claims Hotel Made Disabled US Veteran Crawl Down Stairs
  7. AFL vs NRL - Wrongdoings of Australian Members of Parliament Hoax
  8. Phishing Scam
  9. Another Facebook Sick Baby Hoax - Baby With Brain Cancer
  10. Circulating Opinion Piece - 'Democratic, Republican Liberal-Progressive's Worst Nightmare'
  11. Fake Three (Or Seven) Headed Snake Image
  12. Misleading Health Advice Email - 'Mayo Clinic on Aspirin and Heart Attacks'
  13. Facebook Survey Scam - Free Argos Gift Card
  14. 'Email Deactivation Warning' Phishing Scam
  15. Anti-Obama Youtube Video Compiles Multiple Conspiracy Theories
  16. Fake AT&T Bill Emails Point To Malware
  17. Messages Claim Coca Cola to be Banned In Bolivia
  18. 'Free Apple Product' Text Message Survey Scam
  19. Circulating Warning - Facebook May Close Down Animal Rescue Account'
  20. 2012 FIFA World Cup Online Lottery Advance Fee Scam
  21. Email Claiming US Gold Medal Gymnast Gabrielle Douglas Faces Lifetime Ban Used to Spread Malware
  22. Bigpond Security Service Phishing Scam
  23. Wrestling Star John Cena is NOT Dead
  24. Hoax - NASA Predicts Total Blackout of Planet in Dec 2012
  25. Wrestling Star Undertaker is NOT Dead
  26. Colin And Chris Weir Donation Programme Advance Fee Scam
  27. US EPA Regulations Force Power Plant Closures
  28. 'View Facebook Followers' Scam Targets Twitter Users
  29. Lloyds TSB 'New Banking Authentication' Phishing Scam
  30. Faux Image - Pilots Protesting Chemtrails
  31. Telstra Bill Account Update Phishing Scam
  32. McDonald's Signboard Supporting Chick-Fil-A
  33. ABSA 'Authorized EFT Payment Received' Phishing Scam
  34. Hoax Picture - Obama Holding Phone Upside Down
  35. 'eBay Item Not Received' Phishing Scam Email
  36. Wells Fargo 'Security Check' Phishing Scam
  37. False Warnings - 'Cleaning out Friends List' Questions on Facebook Contain Viruses or are Posted by Hackers