Monday, 7 July 2014

The anatomy of a phishing attack

A consumer sent us an email she had received inviting her to log on to her bank's online banking system. By coincidence she thought this was targeted at customers of First National Bank (FNB) whereas in fact it was trying to cheat customers of First Bank of Nigeria (FBN).

The email began:

and then continued:


Look again at the link in the email. This is what you see if you hold your pointer over the link:


Instead of visiting a site in Nigeria you'll in fact be redirected to a web site in Hong Kong (.hk) which then redirects to a site based in Slovenia.

Finally you reach a login screen which is a fairly plausible facsimile of the real FBN site.


If you're naive enough you'll enter your banking sign-on details here.

Very smartly the following screen demands even more personal details, all of them the sort of things you'll use to prove your identity to your bank and which can be used to steal your online identity.


and then...


Once you get to this point nothing works any longer, the screens just freeze. However by this stage the scammers have all of your banking sign-on details. Rest assured your bank account will be empty within hours, if not minutes.

Please never, ever sign on to your internet banking system using a link provided to you in an email. Only scammers ask you to do.

No comments: