Monday, October 23, 2006

BANK WARNS OF E-MAIL SCAM

May 19 2005 at 07:41AM


A rapidly spreading email has been illicitly attempting to obtain the details of unsuspecting online First National Bank customers. A local anti-virus company, NOD32 South Africa, said at first glance the email appeared to have been sent by FNB.
Closer examination revealed that it was not a genuine FNB email, but the latest in the recent spate of international "phishing" email scams. Until now, such scams only targeted users of big banks in Britain and the United States.
"Phishing" involves sending an email which attempts to lure the reader to a clone of the bank website.
One variation of the bogus email said: "This email was sent by the FNB server to verify your email address. You must complete this process by clicking on the link below and entering your FNB user ID and password. This is done for your protection because some of our members no longer have access to their email addresses and we must verify it."

NOD32 CEO Justin Stanford said: "The email appears to the end-user to be coming from a genuine FNB employee and coerces the user into clicking on a website link, which attempts to obtain their internet banking username and password. The website actually uses a part of FNB's real website, as well as a site redirection trick, to appear extremely authentic. Even to users familiar with computers, it is very convincing.
"This is among the first South African bank-specific phishing emails seen... and, because of its authentic appearance, we expect many users may have already stepped into the trap. Users are advised to be extremely cautious when receiving such an email, and to ignore it completely. If unsure, contact your bank to double-check its authenticity," Stanford said.
FNB customers who received the email and who had supplied a username and password to the scam website were advised to contact the bank immediately to change their access details.
FNB spokesperson Jennifer Heeger said: "The initial investigation shows that the website is hosted outside of South Africa. The bank is doing everything in its power to shut the website down as soon as possible."
FNB has encouraged its customers to beware of email scams, and to be alert to the following security precautions:

  • If unsure of the origin of an email, call the FNB Internet Banking Helpline number provided in the email to verify it.
  • Never answer an email asking for personal information.
  • Instead of following the hyperlink from an email, rather type in the URL (for example: www.fnb.co.za), which will take you directly to the website.
  • Ensure the website address is prefixed with "https" and not just "http". A picture of a padlock appears on the bottom right of the browser page, indicating a secure website.
  • Verify that you are visiting a secure website by checking the security certificate.
  • Check the email for grammatically incorrect language, as this is often an indicator of a fraudulent email.
  • Check that the email is signed by a company official.

Roland le Sueur, Head of FNB Internet Banking, said just five customers had been affected by the email and a small amount would be refunded. He said the clone website had previously been found and shut down but kept resurfacing.

This article was originally published on page 3 of The Mercury on May 19, 2005