Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    eBook    Contact
Bookmark and Share

NatWest 'Account Locked' Phishing Scam

Email purporting to be from UK bank NatWest, claims that recipient's bank account has been locked due to incorrect account information and that he or she must therefore click a link to correct the information and regain access.

Brief Analysis
The email is not from NatWest. In reality, the message is a phishing scam designed to trick users into suppling their personal and financial information to cybercriminals via a bogus website.

Bookmark and Share
Detailed analysis and references below example.

Scroll down to submit comments
Last updated: September 11, 2012
First published: September 11, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Subject ALERT !

Natwest Phishing Scam Logo

Dear NatWest Customer,

Your account registered with NatWest BANK ACCOUNT has
been LOCKED due to incorrect account information.

This account will remain locked until correct information is received.
To correct your account information please follow the information below.

1. Log in here to Update
2. Enter the required information, and update the account information
3. You must login after the information


Note: Failure to update your information will lead to online service suspension.

Yours sincerely,
Online Customer Service
National Westminster Bank plc

Detailed Analysis
This email, which purports to be from large UK based bank National Westminster (NatWest), claims that the recipient's bank account has been locked because the account contains incorrect information. To rectify the problem, the recipient is instructed to click a link to login to their NatWest account and supply the requested information. The recipient is further warned that failing to supply the information will result in an ongoing service suspension.

However, the email is not from NatWest and the claim that the recipient's account has been locked is a lie. A user who falls for the ruse and clicks the link in the scam email, will first be presented with the a bogus login webpage as shown in the following screenshot. The fake page is designed to look like a genuine NatWest webpage:

Natwest Phishing Scam Fake Login
If the user enters the customer number as required and "logs in" on the bogus website, he or she will be presented with a second fake webpage that asks the for bank account's PIN and password as well as as card numbers, ATM details and other personal information:

Natwest Phishing Scam Bogus web form

If the user then clicks the "Next" button on the bogus webpage, he or she will be redirected to the genuine NatWest website, and may therefore have no idea at that point that skulduggery is afoot. Meanwhile, all information submitted on the bogus website can be collected by the scammers and used to hijack the victim's real NatWest account and commit credit card fraud.

Phishing scams just like this one are extremely common and continually target users of various financial institutions and other online service providers all around the world. Be very caution of any message that claims that you must click a link or open an attachment to rectify or update an online account. Legitimate entities are unlikely to make such requests to customers via unsolicited emails. It is always safest to access your online accounts by entering the account's web address into your browser's address bar rather than by clicking a link in an email.

Bookmark and Share

Last updated: September 11, 2012
First published: September 11, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer