Scam of the day – September 17, 2016 – National Australia Bank phishing scam

Phishing scams by identity thieves posing as your bank are not limited to the United States. Reproduced below is a phishing email that is presently being sent to customers of the National Australia Bank that is consistent with the pattern for such phishing emails around the world.  The email looks official and even has an easily counterfeited logo of the bank.  Such emails often indicate that unless you verify your account information, your account will be suspended.  In this particular phishing email, if the customer clicks on the link provided it will take the customer to an official looking page that asks for personal information including bank account and credit card information.  After filling in the form the victim is actually directed to the real National Australia Bank website, but by then, it is too late.  The victim has already turned over his or her information to an identity thief who can use it to access the victim’s bank account and credit card.

You should always ignore any email like this.

TIPS

Although the good rule to follow is to never click on any links or download attachments in emails and text messages unless you have absolutely confirmed that they are legitimate, phishing emails such as this have telltale indications that they are phony.  In this instance, the email is addressed to “Dear Customer.”  Any legitimate email that you would get from your bank would use your name and provide the last few digits in your account number.  In addition, no bank will ask you to verify account details by way of a link in an email or a text message.  If you receive an email or text message such as this and are concerned that it might be real, you should merely call your bank at a telephone number that you know is accurate where you can confirm that the email was merely a phishing scam.

Scam of the day – July 10, 2015 – Navy Federal Credit Union scam

Below is a good example of a scam phishing email send by an identity thief attempting to lure the receiver of the email, (in this case, me) to download the attachment, which will then cause of one of two things to happen, both of which are bad.   Either by downloading the attachment, you will either unwittingly download keystroke logging malware that will steal the information from your computer and use it to make you a victim of identity theft or the download will, under the guise of providing greater security to you, require you to provide personal information that will be used to make you a victim of identity theft.  Here is a copy of the email I received.  DO NOT CLICK ON THE LINK OR DOWNLOAD THE ATTACHMENT.   You can see that the email looks quite legitimate and the logo looks real.  However, one good indication that this is a scam is that the salutation is “Dear Customer” instead of inserting a real name.

 


Dear Customer,

We’re writing to let you know that your online account has been temporarily

suspended due to recent access to your account from an unknown IP address.

To re-activate your account, download “Navy_Federal_Update_Form”

attached to this message and complete the process.

Thank you for helping us serve you .

Yours sincerely,
� 2015 Navy Federal Credit Union, All Rights Reserved.

TIPS

My advice whenever you get an email or text message with an attachment or a link is not to download the attachment or click on the link unless you have confirmed that it is legitimate.  In this case, I am certain that this is a scam because, among other indications, I do not have an account with the Navy Federal Credit Union.  However, even if I did, I would not click on the link or download any attachment.  Instead I would call the Navy Federal Credit Union at a telephone number that I knew was accurate to check on this email.