Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Western Union Database Update Phishing Scam

Outline
Email purporting to be from Western Union claims that, due to a database update, recipients must follow a link in the message and update their online profile or risk having the account limited.



Brief Analysis
The email is not from Western Union. It is a phishing scam designed to fool Western Unions users into divulging their account login details and other information to Internet criminals.

Bookmark and Share
Detailed analysis and references below example.





Last updated: 18th January 2012
First published: 18th January 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example
Subject: Important Profile Notice

Dear Western Union valued customer,

You received this email as a notice for the database update for this month. This update is designed by our IT engineers to provide higher security to our customers online accounts, prevent unauthorized account access and other types of online fraud.

You are required to update your online profile by clicking on the following link:

Click here to access your online profile

Please note that this a one-time task that will take only 3-5 minutes of your precious time. However, failure in updating your profile will result in limiting your account access. We appologize for any inconvenience.

Thank you,
[Name removed]
IT Assistant,
Western Union.





Detailed Analysis
This email, which claims to be from money wire service Western Union, warns recipients that their Western Union account may be limited if they do not click a link in the message and update details in their online profile. It claims that customers are required to provide the information because a database update is being carried out that will supposedly enhance account security.

However, the email is not from Western Union and the claim that customers must update their account details is a lie. Those who follow the link will be taken to a fake website created to resemble the genuine Western Union site and asked to login as shown in the following screenshot:

Fake Western Union Login

Once customers have logged in on the fake site, they are then presented with another bogus form that asks them to provide information about their account test questions:

Fake Western Union Login

All information submitted via the login page and the bogus update form can be collected by scammers. Once they have this information, the scammers can then login to the victim's real Western Union account and use it for nefarious purposes such as money laundering. The scammers may be able to use the stolen "Test Question" details to collect payments without having the user's proper identification documents. For example a scammer could pretend that his wallet and ID had been stolen and use the Test Question process to claim funds in a victim's name.

After victims have submitted the final fake form, they are automatically redirected to the genuine Western Union website. Thus, many may not realize that they have been caught in a scam until the criminals have already gained access to their accounts.

Western Union is regularly targeted by phishing scammers. Western Union will not send you an unsolicited email asking for your login and credit card details.



Bookmark and Share

References
Western Union - Protect Yourself from Fraud
Western Union Unauthorized Transaction Phishing Scam
Phishing Scams - Anti-Phishing Information
Western Union 'Too Many Login Attempts' Phishing Scam

Last updated: 18th January 2012
First published: 18th January 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer