Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share







Issue 142 - Novemeber 2012 (1st Edition) - Page 15

Lloyds TSB 'Internet Banking Account Status' Phishing Scam

Issue 142 Start Menu

Previous Article            Next Article

Outline
Email purporting to be from UK bank Lloyds TSB, and apparently signed by Lloyds own Digital Banking Director, explains how customers can benefit from using Intent banking and urges them to click a button to login and start using the service.



Brief Analysis
The email is not from Lloyds TSB. The message is a phishing scam designed to trick the bank's customers into handing over their personal and financial details to fraudsters.

Bookmark and Share





Scroll down to submit comments
Last updated: October 18, 2012
First published: October 18, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example

Subject: Important Message - Your Internet Banking Account Status !

Dear Lloyds TSB Customers,

You can use Internet Banking to pay your bills and manage all your transactions when it suits you.

One of the ways you can do this is by our faster payments service which allows you to make one off online payments. In most cases the money is available in the recipients bank account almost immediately.

You can also register for Lloyds TSB Bill Manager, which lets you view, pay and manage your bills - particularly popular with customers who bank online.

Manage Direct Debits and standing orders

Make credit card payments

Transfer money between your accounts

Order travel money.
You can use our online banking service knowing youl be protected by the latest online security technology. We even guarantee to refund your money in the unlikely event that you experience a fraud with Internet Banking.

So, log on today for the quick, easy way to make payments and control your finances around the clock.

Yours sincerely,

[Name Removed]
Digital Banking Director

Lloyds Account Status Phishing




Detailed Analysis
UK bank Lloyds TSB has been regularly targeted by phishing criminals, and I have written about such scam attempts several times before. As with other major banks, phishing attacks against Lloyds customers are ongoing. But, I thought it worthwhile to bring this version to the attention of readers because it is a comparatively sophisticated example of its kind.

The message, which describes the advantages offered by signing up for Internet banking, is quite well rendered and lacks the glaring spelling and grammatical errors that often characterize such scam attempts. The email comes complete with a Lloyds TSB logo and familiar green colour scheme. It even features the name and signature of the bank's real Digital Banking Director.

Thus, it is likely that at least a few of the people who receive one of these scam messages will be taken in and will click the "Take me to Internet Banking" button as advised. Alas, those who do take the bait and click will be transported to a site hosted in Serbia that has no connection whatsoever to Lloyds TSB. The scam victim will first be confronted with the following login page, which, like the email, is designed to mimic the real bank website:

Scam Login Page Lloyds TSB

After submitting login details and clicking "Continue" our hapless victim will be taken to another look-a-like scam page that contains the following form, which asks for personal and financial information:

Lloyds TSB Fake banking form
But, of course, when our victim clicks the "Submit" button, all of the sensitive information entered can be transmitted to online criminals who will use it to hijack the victim's real account, and commit credit card fraud and identity theft.

In spite of a great deal of publicity, phishing still finds new victims every day. And while the tactic continues to work for them, criminals will continue to devise new cover stories designed to separate the unwary from their money and personal information.

Bookmark and Share


Previous Article            Next Article

Issue 142 Start Menu

Pages in this issue:
  1. Spiderman Window Cleaners Picture
  2. Post Circulating Rekindles a 1990's Anti-Margarine Email
  3. Rey Mysterio is NOT Dead
  4. UN Observers at USA Polls Protest Message
  5. Urban Legend - NASA Scientists Discover Biblical 'Missing Day'
  6. Windows Email Security Update Phishing Scam
  7. Does a Circulating Image Show A Rapist Coach Slashed by a Protective Mother?
  8. Hoax - 400 Marine Corps Dogs Need Homes
  9. Skype 'lol is this your new profile pic' Ransomware Warnings
  10. 'News Report' Claims Gonorrhea Spread Through Air
  11. DealsDirect Phishing Scam
  12. Facebook 'Blocked Account' Scam Email
  13. Bank of Queensland 'Security Message' Phishing Scam
  14. LinkedIn 'Invitation to Connect' Malware Emails
  15. Lloyds TSB 'Internet Banking Account Status' Phishing Scam
  16. NASA JPL Twitter Account Retweets Anti-Romney Material