Debunking hoaxes and exposing scams since 2003!

Hoax-Slayer Logo

PHISHING SCAM - 'Visa Card Status Notification'


Outline

'Status notification' email purporting to be from Visa claims that the recipient's card access has been limited because 'unusual activity' has been detected.

Facebook phising
© Depositphotos.com/ tang90246

Brief Analysis

The email is not from Visa. It is a scam designed to steal the recipient's credit card data. A link in the email opens a fake website that asks for the user's credit card number, and other information pertaining to the recipient's Visa account.

Example

Subject: Access to your Visa card has been blocked
Visa Card Status Notification
We are contacting you to Inform you that our Visa Card security department identified some unusual activity in your card. In accordance with Visa Card User Agreement and to ensure that your Visa Card has not been accessed from fraudulent locations, access to your Visa Card has been limited. Your Visa Card access will remain limited until this issue has been resolved please Click My Visa Card Activity to continue.
My Visa Card Activity
We take your online safety seriously, which is why we use state of the art notification systems to identify unusual activity and a challenge process to validate your details.
Thanks for banking with Visa.
Customer Finance Department

© Visa & Co, 2014.

Visa Card Notifications


Detailed Analysis

Detailed Analysis
According to this email, which presents itself as a 'Visa Card Status Notification', access to the recipient's Visa card has been blocked. The message advises that the account limits have been implemented because the Visa Card security department identified some unusual activity on the card.

The message invites users to click a link to resolve the issue and restore access.

However, the message is not from Visa and the claim that the account has been limited is a lie. In fact, the email is a typical phishing scam designed to extract financial information from users.

The email's links open a bogus website created to closely mirror the look and feel of a genuine Visa webpage. The fake page will include a 'verification form' that requests users to supply their credit card number and other account details. After supplying the requested information, users will be taken to a second fake page that informs them that the problem has been resolved and restrictions have been removed.

Thus, victims may go about their business in the mistaken belief that they have rectified the problem with their card and all is well. But, of course, there was no problem with the card to begin with. And, now that they have procured the card details, the criminals can commit fraudulent transactions via the Visa accounts of their victims.

Such phishing scams are very common and continually target customers of major credit card providers and financial institutions all around the world. A well-worn phishing tactic is to claim that the recipient's account has been blocked or suspended. As in the above example, these scam messages will claim that users can resolve this block by clicking a link - or in some cases opening an attached file - and filling in a verification form.

Be wary of any message that claims that you are required to click a link to rectify an account issue or update account information. If you receive such an email, do not click any links or open any attachments that it contains.



Last updated: April 22, 2014
First published: April 22, 2014
Written by Brett M. Christensen
About Hoax-Slayer

References
Phishing Scams - Anti-Phishing Information
Visa Personal Password Phishing Scam
American Express 'Personal Security Key' Phishing Scam