We all know about fake banking emailers that regularly get sent out, giving the impression that the mail is being sent from a legitimate financial institution.
We also know all about what to watch out for - I have written several posts on the topic in the past which you can search for if you need to find out more.
Anyway, I just received the latest FNB scam in my Inbox, and thought I would put some points out there about it:
- The mail supposedly comes from nolan.steven@fnb.cc.za - alarm bells should be ringing there already, since the sender domain specified is @fnb.cc.za (not @fnb.co.za);
- The mail did not go to Junk Mail, so somehow it got past my ISP filters and Outlook's Junk Mail filter;
- The body of the email is a bit dodgy (it's the first giveaway - oddly worded, no branding, plain text email...), and it goes like this:
- If you click the link, you get to the page below, which actually looks pretty good if you aren't keeping up to date with the current FNB page. If you enter anything into the User ID and Password fields, it actually goes on to a One-Time PIN page, keeping up a pretty good illusion of legitimacy.:
Sure, there are ways to mask URL's, but so far in all the scam mails I have received I have never come across a masked URL, so hopefully things remain this way...!
We also know all about what to watch out for - I have written several posts on the topic in the past which you can search for if you need to find out more.
Anyway, I just received the latest FNB scam in my Inbox, and thought I would put some points out there about it:
- The mail supposedly comes from nolan.steven@fnb.cc.za - alarm bells should be ringing there already, since the sender domain specified is @fnb.cc.za (not @fnb.co.za);
- The mail did not go to Junk Mail, so somehow it got past my ISP filters and Outlook's Junk Mail filter;
- The body of the email is a bit dodgy (it's the first giveaway - oddly worded, no branding, plain text email...), and it goes like this:
Debt.
order ending 41405 from Old Mutual has deducted your monthly payment.
Click here to stop the order if you are not satisfied.
Regards
Click here to stop the order if you are not satisfied.
Regards
The fake FNB site... |
The fake OTP page... |
- Rule of thumb: ALWAYS check the URL (web address at the top of the page) to see where you really ended up after clicking the link. Check this one out - it's the "smoking gun"...:
Somehow I just don't buy "gledo.com"...
Once again, ALWAYS check the URL above the site.
The fake URL... |
Once again, ALWAYS check the URL above the site.
Sure, there are ways to mask URL's, but so far in all the scam mails I have received I have never come across a masked URL, so hopefully things remain this way...!
Be safe out there - even scammers need to eat, and they will send out anything remotely believable to try and prey on unsuspecting victims.
0 comments:
Post a Comment