Just now I got a spam email purporting to be from my bank. In fact, I get lots of these because I obviously have accounts with Barclays, NatWest, HSBC, HBOS, RBS, CitiBank, WellsFargo, Clydesdale, Caja Madrid, ING, and a whole host of others.
Obviously some people are still fooled by them, otherwise they wouldn’t still be sending them out after all these years. In fact, the mails do look like they could be authentic. The from address appears to be from the right place, the wording looks like it could be from my bank, and it gives me a link that looks like the one I log on with. However, it is still a scam.
I’m guessing the normal readership of my blog, mostly software developers, would be able to spot a scam like this fairly easily, but for anyone who has arrived at this page directly from Google and is looking for some tips on spotting a scam, here goes:
Here is the body of a scam email I received:
Royal Bank. always look forward for the high security of our clients. During our regularly scheduled account maintenance and verification procedures, we have detected a slight error in your account information.This might be due to either of the following reasons:
1. A recent change in your personal information.
2. Submitting invalid information during the initial sign in process.
Due to this, you are requested to please update and verify your information by clicking the link below:
We have asked few additional information which is going to be the part of secure login process. These additional information will be asked during your future login security so, please provide all these info completely and correctly otherwise due to security reasons we may have to close your account temporarily.
We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.
Royal Bank Of Scotland.
Please do not reply to this e-mail. Mail sent to this address cannot be answered.
For assistance, log in to your Royal Online Bank account and choose the “Help” link on any page.
Royal Bank Email ID # 1009
I’ve highlighted some of the text in red, as I’m going to talk about it.
First off, “Dear Customer”, really?! – how impersonal, surely you already know who I am? If the email is so general that they’ve used “Dear Customer” then they’ve obviously sent it to everyone and they really haven’t a clue what their systems are doing. No bank should be that clueless.
Next is the dot after “Royal Bank”. That’s not the end of a sentence. It isn’t even a sentence (it contains no verb). Perhaps they are using the “.” to signify an abbreviation of sorts, but I’ve never seen any Royal Bank communication do that. In fact, I’ve never seen anybody do that for “Royal Bank”.
“Look forward for” is grammatically incorrect; you look forward to things, not “for” them. And why would they be looking forward to the high security of their customers? Surely that already exists. The bank has been around for about 300 years, I imagine after all that time they must be doing something right with regards to security.
You also have to ask yourself, why would the bank’s processes be so bad as to cause an error for the reasons stated?
Next is the URL (the web address) given to you in order to log in. Hover over it and look in your browser’s status bar. Did you notice that the status bar says something different to what you see on the page? I’ve altered the real address so people don’t inadvertently use it, but you can see it doesn’t match the bank’s real address.
Now, they are asking for additional security information during the log in process. Many banks only ask for random bits of information during the log in process. Like one time they’ll ask for your mother’s name, the next they’ll ask what the first school you went to was, and so on. The spammers obviously need to know all the information so that when they get presented with the real random question they’ll be able to answer correctly.
Finally, why would they close your account temporarily? A bank would never actually close an account for a potential security violation. They may suspend it, or remove access to it, but never actually close it.
So, here are some tips:
- If you receive an email purporting to be from your bank, don’t click on any links in it.
- If your bank’s log on procedure appears to be different from the previous time, check with the bank themselves. They may have updated their website, or it may be a scam, best to check.
- When you log in, ensure that the address in your address bar is the one you expect, and that it is a properly secure connection. There will be a padlock on the address bar or in the status bar (depending on which browser you have).
- Banks are generally fastidious about grammar and spelling in any communication they send out. It would make them look highly unprofessional if they weren’t. So check any emails for grammatical or spelling errors.