Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 156 - June, 2013 (2nd Edition) - Page 16

SunTrust Bank Phishing Scam Email

Issue 156 Start Menu

Previous Article            Next Article

Outline
Email purporting to be an Activity Summary from US based bank SunTrust claims that the recipient's contact information has been updated and that he or she can click a link to view the updates.

Suntrust Phishing Scam

© Depositphotos.com/rukanoga



Brief Analysis
The email is not from SunTrust. It is a phishing scam designed to trick recipients into divulging their account details and other personal information to cybercriminals.

Bookmark and Share
Example

Subject: Your SunTrust Activity Summary

Your contact information has been updated

We have updated your Suntrust Bank contact information:

To view the updates, or make additional updates, sign on to update your contact information.

If you did not make this request online, by phone, or at a Suntrust branch, please call us immediately at 1-800-330-4684 for personal banking and for small business banking. We are available 24 hours a day, 7 days a week. Please do not reply to this email.

Note: If you use Bill Pay, you will need to update your contact information for that service separately. You'll find a link on the right side of the Update Your Contact Information screen.

Suntrust Phishing Email


Detailed Analysis



This email, which masquerades as an Activity Summary from US bank SunTrust claims that the recipient's contact information has been updated. The message states that the recipient can view this supposed update by clicking a link and signing in to his or her account. The message includes the SunTrust logo and message formatting.

However, the email is not from SunTrust Instead it is an attempt by phishing scammers to trick SunTrust customers into sending their account login details and other personal information to Internet criminals. The scammers hope that some recipients will be panicked into believing that their account has been compromised and therefore follow the link without due forethought.

Those who fall for the trick and click the link will be taken to a bogus website that is virtually identical to the genuine SunTrust login page. Once they provide their user ID and password on the bogus site, they will be taken to a second bogus page that asks for further banking details as well as email account information:

Suntrust PhishinG scam Bogus Form

All of the information submitted can be collected by scammers and used to hijack bank and email accounts belonging to victims.

This phishing attempt is somewhat more sophisticated than some. Many banks will send an automatic email to customers if account details have been updated so the message may resemble genuine banking messages that the user has received in the past. Moreover, the bogus site even displays a fake data verification message after users enter the requested information in an attempt to make the process seem more legitimate. Finally, victims are automatically redirected to the genuine SunTrust website and shown a message notifying them that have successfully signed out of the banking session. Thus, users may continue to believe that they have successfully verified their account details and may not realize that they have handed their accounts to criminals until it is far too late.

Never click links or open attachments in unsolicited emails purporting to be from your bank. Even if the email looks genuine. The safest way is to always login to your online accounts by entering the web address into your browser's address bar rather than by clicking an email link. If you receive a scam email pretending to be from SunTrust, you can report it to the bank.

Bookmark and Share

Last updated: June 3, 2013
First published: June 3, 2013
By Brett M. Christensen
About Hoax-Slayer

References
Phishing Scams - Anti-Phishing Information
SunTrust - Report Fraud



Previous Article            Next Article

Issue 156 Start Menu

Pages in this issue:
  1. Garbled Facebook Message Warns of 'New FB Cloning Scam'
  2. No, Microwaving your Smart Phone Will NOT Charge Its Battery
  3. Bogus Warning - Don't Flash Headlights Gang Initiation
  4. Perfume Email Hoax
  5. Giant Snake on Digging Machine Image
  6. Ticketmaster 'Ticket Order Confirmation' Scam Emails
  7. Black Muslim in the White House Virus Hoax
  8. Super Moon June 23, 2013
  9. UPS 'Parcel Has Been Found' Malware Email
  10. System32 Virus Hoax
  11. NAB Survey Phishing Scam
  12. Dubai Sewage System - Poop Truck Video
  13. Vodafone Tax Refund Phishing Scam
  14. Vodafone System Update Phishing Scam
  15. Impaled Boy Facebook Like Farming Hoax
  16. SunTrust Bank Phishing Scam Email
  17. Westpac 'Quick Survey' Phishing Scam
  18. Cold Water Causes Cancer Warning Message - Warm Water and Heart Attacks
  19. Facebook Account Locked Due to Malware Warning
  20. Webmail Account Phishing Scam
  21. 'European Financial Surveillance Union' Advance Fee Scam
  22. Jane's Story - Dating Scam