Issue 156 - June, 2013 (2nd Edition) - Page 16
SunTrust Bank Phishing Scam Email
Email purporting to be an Activity Summary from US based bank SunTrust claims that the recipient's contact information has been updated and that he or she can click a link to view the updates.
The email is not from SunTrust. It is a phishing scam designed to trick recipients into divulging their account details and other personal information to cybercriminals.
Subject: Your SunTrust Activity Summary
Your contact information has been updated
We have updated your Suntrust Bank contact information:
To view the updates, or make additional updates, sign on to update your contact information.
If you did not make this request online, by phone, or at a Suntrust branch, please call us immediately at 1-800-330-4684 for personal banking and for small business banking. We are available 24 hours a day, 7 days a week. Please do not reply to this email.
Note: If you use Bill Pay, you will need to update your contact information for that service separately. You'll find a link on the right side of the Update Your Contact Information screen.
This email, which masquerades as an Activity Summary from US bank SunTrust
claims that the recipient's contact information has been updated. The message states that the recipient can view this supposed update by clicking a link and signing in to his or her account. The message includes the SunTrust logo and message formatting.
However, the email is not from SunTrust Instead it is an attempt by phishing scammers to trick SunTrust customers into sending their account login details and other personal information to Internet criminals. The scammers hope that some recipients will be panicked into believing that their account has been compromised and therefore follow the link without due forethought.
who fall for the trick and click the link will be taken to a bogus website that is virtually identical to the genuine SunTrust login page. Once they provide their user ID and password on the bogus site, they will be taken to a second bogus page that asks for further banking details as well as email account information:
All of the information submitted can be collected by scammers and used to hijack bank and email accounts belonging to victims.
This phishing attempt is somewhat more sophisticated than some. Many banks will send an automatic email to customers if account details have been updated so the message may resemble genuine banking messages that the user has received in the past. Moreover, the bogus site even displays a fake data verification message after users enter the requested information in an attempt to make the process seem more legitimate. Finally, victims are automatically redirected to the genuine SunTrust website and shown a message notifying them that have successfully signed out of the banking session. Thus, users may continue to believe that they have successfully verified their account details and may not realize that they have handed their accounts to criminals until it is far too late.
Never click links or open attachments in unsolicited
emails purporting to be from your bank. Even if the email looks genuine. The safest way is to always login to your online accounts by entering the web address into your browser's address bar rather than by clicking an email link. If you receive a scam email pretending to be from SunTrust, you can report it to the bank.
Last updated: June 3, 2013
First published: June 3, 2013
By Brett M. Christensen
Pages in this issue:
- Garbled Facebook Message Warns of 'New FB Cloning Scam'
- No, Microwaving your Smart Phone Will NOT Charge Its Battery
- Bogus Warning - Don't Flash Headlights Gang Initiation
- Perfume Email Hoax
- Giant Snake on Digging Machine Image
- Ticketmaster 'Ticket Order Confirmation' Scam Emails
- Black Muslim in the White House Virus Hoax
- Super Moon June 23, 2013
- UPS 'Parcel Has Been Found' Malware Email
- System32 Virus Hoax
- NAB Survey Phishing Scam
- Dubai Sewage System - Poop Truck Video
- Vodafone Tax Refund Phishing Scam
- Vodafone System Update Phishing Scam
- Impaled Boy Facebook Like Farming Hoax
- SunTrust Bank Phishing Scam Email
- Westpac 'Quick Survey' Phishing Scam
- Cold Water Causes Cancer Warning Message - Warm Water and Heart Attacks
- Facebook Account Locked Due to Malware Warning
- Webmail Account Phishing Scam
- 'European Financial Surveillance Union' Advance Fee Scam
- Jane's Story - Dating Scam