Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 139 - September 2012 (2ndt Edition) - Page 9

NatWest 'Account Locked' Phishing Scam

Issue 139 Start Menu

Previous Article            Next Article

Outline
Email purporting to be from UK bank NatWest, claims that recipient's bank account has been locked due to incorrect account information and that he or she must therefore click a link to correct the information and regain access.



Brief Analysis
The email is not from NatWest. In reality, the message is a phishing scam designed to trick users into suppling their personal and financial information to cybercriminals via a bogus website.

Bookmark and Share
Detailed analysis and references below example.





Scroll down to submit comments
Last updated: September 11, 2012
First published: September 11, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example

Subject ALERT !

Natwest Phishing Scam Logo

Dear NatWest Customer,

Your account registered with NatWest BANK ACCOUNT has
been LOCKED due to incorrect account information.

This account will remain locked until correct information is received.
To correct your account information please follow the information below.

1. Log in here to Update
2. Enter the required information, and update the account information
3. You must login after the information

Thanks.

Note: Failure to update your information will lead to online service suspension.

Yours sincerely,
Online Customer Service
National Westminster Bank plc




Detailed Analysis
This email, which purports to be from large UK based bank National Westminster (NatWest), claims that the recipient's bank account has been locked because the account contains incorrect information. To rectify the problem, the recipient is instructed to click a link to login to their NatWest account and supply the requested information. The recipient is further warned that failing to supply the information will result in an ongoing service suspension.

However, the email is not from NatWest and the claim that the recipient's account has been locked is a lie. A user who falls for the ruse and clicks the link in the scam email, will first be presented with the a bogus login webpage as shown in the following screenshot. The fake page is designed to look like a genuine NatWest webpage:

Natwest Phishing Scam Fake Login
If the user enters the customer number as required and "logs in" on the bogus website, he or she will be presented with a second fake webpage that asks the for bank account's PIN and password as well as as card numbers, ATM details and other personal information:

Natwest Phishing Scam Bogus web form

If the user then clicks the "Next" button on the bogus webpage, he or she will be redirected to the genuine NatWest website, and may therefore have no idea at that point that skulduggery is afoot. Meanwhile, all information submitted on the bogus website can be collected by the scammers and used to hijack the victim's real NatWest account and commit credit card fraud.

Phishing scams just like this one are extremely common and continually target users of various financial institutions and other online service providers all around the world. Be very caution of any message that claims that you must click a link or open an attachment to rectify or update an online account. Legitimate entities are unlikely to make such requests to customers via unsolicited emails. It is always safest to access your online accounts by entering the account's web address into your browser's address bar rather than by clicking a link in an email.

Bookmark and Share


Previous Article            Next Article

Issue 139 Start Menu

Pages in this issue:
  1. PayPal 'Refund Pending' Phishing Scam
  2. Tom Kenny, Voice of SpongeBob Is NOT Dead
  3. Facebook Post Claims Dog Saved Puppies From House Fire
  4. HM Revenue & Customs Income Tax Repayment Phishing Scam
  5. Did Samsung Pay a $1 Billion Fine to Apple in 5 Cent Coins?
  6. Student Finance England 'Payment Cancelled' Phishing Scam
  7. All-In-One Shopping Voucher Malware
  8. Morgan Freeman is NOT Dead
  9. NatWest 'Account Locked' Phishing Scam
  10. 'Causes' Petition Calling To End Using Dogs As Shark Bait
  11. Young Football Player Not Allowed to Wear Pink Gloves For Breast Cancer
  12. Photo Sharing Request for 'Pray For Rosalie'
  13. Misleading Warning about Missed Calls From +375 and +371 Numbers
  14. 'Catholic Charities Organization' Money Laundering Scam
  15. Facebook Survey Scam - Free $500 Woolworths Gift Voucher
  16. 'Windows Live Update' Sector Zero Virus Hoax
  17. Killer Piranha Attack Images
  18. Circulating Image Implies Heineken Supports Dog Fighting
  19. Another Sick Baby Hoax - Like, Comment or Share to Help Baby With Large Mass on Her Back
  20. ACMA 'Security Upgrade' Phishing Scam
  21. 'Circle of Safety' - Child Stuck in Wheel Well Photograph
  22. American Express 'Security Verification' Phishing Scam