As phishing emails go, the email reproduced below is very legitimate looking. This email comes directly from my own email account. DO NOT CLICK ON THE LINK. The email is a scam and if you click on the link, you will either be prompted to provide personal information that will be used to make you a victim of identity theft or alternatively, merely by clicking on the link, you will download keystroke logging malware that will steal your personal information from your computer or smartphone and use it to make you a victim of identity theft. The email address from which it was sent is close enough to the real email address of Sun Trust to make it appear genuine. The logo which was on the email I received also was a good copy, but it is important to remember that it is a simple matter to counterfeit a logo. One indication that it is a scam is that it is addressed to me as a Sun Trust Client rather than by name, however, for all intents and purposes, this is a well constructed phishing email tailored to induce the person receiving it to click on the link and provide the requested information.
Here is a copy of the email.
“Dear SunTrust Client:
SunTrust has developed a number of online and offline security measures to help protect you and your identity. In addition to using advanced security technologies, such as encryption, firewalls and virus protection, we employ teams of security experts focused solely on fraud protection and identity theft prevention.
SunTrust is committed to helping you keep your online transactions safe and secure. By following our recommended best practices, you can help mitigate the risk of fraud and unauthorized access. Use this checklist to verify that you are following our recommended security standards and best practices.
Authentication/Computer Security
Click on
Sign on to confirm your personal and account information.
Install and keep anti-virus and security software up to date on your computer.
Security software helps protect your personal and account information from unauthorized access.
Consider using a personal firewall as it can help prevent attacks against your computer.
Install software patches, operating system updates, legitimate third party application updates, and hotfixes.
Secure your home or office wireless network.
Please do not reply to this email. You received this email because you signed up for SunTrust Online Delivery Service. You can update your online preferences anytime within Online Banking.By replying to this email, you consent to SunTrust’s monitoring activities of all communication that occurs on SunTrust’s systems. This is a service email sent by SunTrust Bank. If you no longer wish to receive messages of this type, please unsubscribe here.SunTrust Bank, Member FDIC. ©2015 SunTrust Banks, Inc. SunTrust is a federally registered service mark of SunTrust Banks, Inc. How can we help you shine? is a registered service mark of SunTrust Banks, Inc.
This email was sent on behalf of SunTrust Customer Care, 1575 Lemon Farris Road, Cookeville, TN 38506″
TIPS
Although this email looks legitimate it is important to remember that your bank is not going to ask you to confirm your personal and account information, however an identity thief will. In addition, emails from your bank directed to you will come addressed to you by name rather than generically as “Dear Customer.” Finally, you should never click on any link in an email or text message or provide information in response to an email, phone call or text message until you have confirmed that it is legitimate and the only way to do this if you receive such an email is to contact the company by phone at a number that you know is accurate to find out for yourself whether or not the communication is a scam. In this case, because I am not a customer of Sun Trust, I already knew it could not be anything but a scam. Trust me, you can’t trust anyone.
