Very convincing phishing email – Alliance & Leicester
Posted under: 
Phishing emails are usually easily spotted by virtue of poor spelling or grammar along with an obviously fake URL (web address) appearing in the status bar when you hover over the link. This effort has neither. The grammar and spelling are much better than we usually see, and the link (http://www.mybank.alliance-leicester.co.uk.*********.net/index.aspct=mybankhnlogin/index.php) appears at first glance to be an official Alliance & Leicester web address. (*’s mask a string of numbers)
Full text for screen readers: At Alliance & Leicester, we want you to be confident that banking online with us is safe and secure. For us, this means employing the latest technology and multiple layers of security to safeguard your personal details.
Our Technical Services Department are carrying out a planned software upgrade for the maximim convenience of the users of online services of the Alliance & Leicester internet banking.
Please click on reference below to upgrade your account access as soon as possible.
http://www.mybank.alliance-leicester.co.uk/index.asp ? mybanklogin?
Best Regards.
Alliance & Leicester Security Department Team.
We do not advocate clicking on links in phishing emails but as we have VERY strong security at Scam Detectives HQ we decided to explore this one further. What we found was a convincing copy of the Alliance & Leicester online banking login page asking for an 8 digit “customer number”. When we entered a random number we were presented with this screen (click for full view):
Anyone who’s ever seen a phishing login page will notice the difference here. Rather than simply asking for your login details, this webpage also asks for your debit card number and CVC code to “verify” your identity. This would not only allow the scammers to access your online banking, change your statement address and steal your identity, but also to spend your money online or over the phone using your debit card and clearing out your bank account with little chance of being caught.
Advice on avoiding Phishing scams:
- * NEVER click on links in emails that appear to be from your bank, credit card issuer or payment service provider even out of curiosity
- * DELETE the email immediately as it may contain malware
- * DO NOT be tempted to reply to the email telling the scammer what you think of them – you’ll only receive more spam later
- * IF IN DOUBT call the number printed on your statement to speak with your bank’s customer service department
[...] Very convincing phishing email – Alliance & Leicester | Scam Detectives [...]
[...] Very convincing phishing email – Alliance & Leicester | Scam … [...]
[...] Very convincing phishing email – Alliance & Leicester | Scam Detectives [...]
[...] Very convincing phishing email – Alliance & Leicester | Scam … [...]
[...] Very convincing phishing email – Alliance & Leicester | Scam … [...]
[...] Very convincing phishing email – Alliance & Leicester | Scam … [...]
[...] Very convincing phishing email – Alliance & Leicester | Scam Detectives [...]
[...] Very convincing phishing email – Alliance & Leicester | Scam … [...]