To help you understand bank phishing, we are going to look at exactly how it's done. While this example pictures bank phishing, the technique is not limited to banks. Very similar phishing emails are used to obtain sensitive information for eBay, PayPal, membership websites, basically anywhere a LOGIN and PASSWORD are needed. This phishing email recently landed in my spam folder, and we are going to look at how you can recognize it as such.
What you will always see with these types of email is an eMAIL TITLE that makes you want to click on the link. Scammers are clever and know how to lure you in with powerful words in order to obtain your passwords. In our example the title is “Your Online Banking Profile had been Suspended”, which makes you click the links immediately because you fear something has happened. DON’T CLICK ON ANY LINKS IN YOUR eMAIL. The links point to a fake duplicate website that will gather all your sensitive information. Your account will be stolen and you may find it empty the next day. For the purpose of this article I went ahead and clicked the links so you can clearly see what happens, but I never entered any real information.
Notice that the email appears to be from Royal Bank of Scotland (http://www.rbs.co.uk)? Everything is there: the images, the copyright notice, the security guarantee. But when you hover over the link, you will see in the status bar where the link is actually pointing! It points to a completely different domain, which hosts a duplicate of the real bank's login form.
If you clicked on this link you were transferred to this page, which is a replica of the original shown below. The scammers have actually done a very poor replication that is only roughly identical to the real page. It could have been replicated 100%, and then the only way to tell the two apart would be to look at your address bar. The fake one reads “http://www.sailtitusville.com/administrator/components/Logon.html”, while the real bank form starts with the real domain name and uses SSL (https://www.rbsdigital.com/). Every sensitive login form should be https and not http.
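The two checks described above (hover to see where a link really goes, then compare the destination domain and scheme with the bank's real address) can be automated for an email body. The following Python script is an added example written for this article, not code from the original post: it parses the HTML of a message, collects every link with its visible text, and flags links whose destination is not https, whose visible text shows a different host than the real destination, or whose destination is not on an assumed allow-list of the bank domains you actually use. The sample email body is constructed for the example; only the URLs in it are the ones quoted in this article, and `TRUSTED_DOMAINS` is an assumption you would replace with your own banks.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: a small HTML body modelled on the phishing email the
# article describes. The URLs are the ones the article quotes; the markup
# around them is made up for this example.
SAMPLE_EMAIL_HTML = """
<p>Your Online Banking Profile had been Suspended.</p>
<p>Please confirm your details at
<a href="http://www.sailtitusville.com/administrator/components/Logon.html">http://www.rbs.co.uk</a>
or <a href="http://www.sailtitusville.com/administrator/components/Logon.html">log in now</a>.</p>
<p>Genuine link for comparison: <a href="https://www.rbsdigital.com/">https://www.rbsdigital.com/</a></p>
"""

# Assumed allow-list: the domains the reader actually banks with.
TRUSTED_DOMAINS = {"rbs.co.uk", "rbsdigital.com"}

# Visible link text that looks like a URL (optionally with scheme and path).
URL_LIKE = re.compile(r"(?:https?://)?[\w.-]+\.[a-z]{2,}(?:/\S*)?", re.IGNORECASE)


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element in the body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def extract_links(html):
    parser = LinkCollector()
    parser.feed(html)
    parser.close()
    return parser.links


def normalize_host(host):
    """Lower-case the host and drop a leading 'www.' so variants compare equal."""
    host = (host or "").lower()
    return host[4:] if host.startswith("www.") else host


def is_trusted(host):
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def hostname_in_text(text):
    """If the visible link text looks like a URL, return its hostname, else None."""
    if not URL_LIKE.fullmatch(text.strip()):
        return None
    candidate = text if "://" in text else "http://" + text
    return urlparse(candidate).hostname


def check_link(href, text):
    """Return the list of reasons this anchor looks suspicious (empty if none)."""
    reasons = []
    target = urlparse(href)
    target_host = normalize_host(target.hostname)
    if target.scheme != "https":
        reasons.append("destination is not https")
    shown_host = normalize_host(hostname_in_text(text))
    if shown_host and shown_host != target_host:
        # The classic phishing tell: the text shows one site, the href goes elsewhere.
        reasons.append(f"text shows {shown_host} but destination is {target_host}")
    if not is_trusted(target_host):
        reasons.append(f"destination {target_host} is not a trusted bank domain")
    return reasons


def analyze_email(html):
    """Return [(href, text, reasons)] for every link in the email body."""
    return [(href, text, check_link(href, text)) for href, text in extract_links(html)]


if __name__ == "__main__":
    for href, text, reasons in analyze_email(SAMPLE_EMAIL_HTML):
        status = "SUSPICIOUS" if reasons else "ok"
        print(f"{status:10} {href}  (text: {text!r})")
        for reason in reasons:
            print("           -", reason)
```

Run against the constructed sample, the two links to sailtitusville.com are flagged (plain http, text pointing at rbs.co.uk while the destination is elsewhere, and a domain that is not on the allow-list), while the genuine https://www.rbsdigital.com/ link passes. Note that https on its own proves nothing about who runs a site, so the allow-list comparison is the check that matters; the host matching here is deliberately simple and does not handle the public suffix list, lookalike characters, or redirect chains.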
If we fell prey to this phishing email, our login details would be stored in the scammer's database and he could easily empty the account in a matter of seconds. Whenever you get an email from a bank or similar website saying your account is restricted or banned, or saying you have won something or have funds waiting, NEVER CLICK on any links in the email. Instead, type the website's address into your browser yourself and check your account from there. For further information you may want to read the similar eBay Phishing example.