Travelogue & Photography
Posts tagged attempt phishing bank account
Maybank Scam Site 4
0860 days
I found that Maybank has been hit with fake/scam/phish email much more frequent than their counterparts. Maybank, in no doubt topping my list with fourth series with this post.
Sample phishing email
You may easily fall into trap to believe this was a genuine and absolutely NO WRONG with this email by Maybank directly, am I right? The ONE Malaysia logo has further convinced the customer to trust this email.
IN FACT, big LIAR is just behind this email. Remember to be aware of such NO SUCH REQUEST or ANY EMAIL UPDATE to customer via online ever been sent by bank on profile update, investigation, immediate response or etc.
As you should aware that, WHAT THE HELL with AOL.com in the Mail-By column?
It’s freaking easy to say that it wasn’t send by Maybank.com, right? Thanks to Gmail service who able to identify where real sender network from.
Maybank Scam Site 2
01209 days
It has been a long time since I wrote Scam Site series. This post is the continuous post from Maybank Scam Site which I believe it would have gone by now. Never mind, as long as it could serve for educational purposes, I would rather to post it here.
In the first place, I was receiving an email requested that I should perform an activation of my new online payment system. Without any doubt, the link is available for me to click. The sender looks real and no one would ever think twice of this scam at all. ALL I DO is just a click!
Public Bank Scam Site
01496 days
I love to write about scam site. It serves the purpose of educating people not fall into such prey especially related to internet banking. Again, I’m not a customer of Public Bank. This is my third writing on banking scam site after CIMB and Maybank.
First of all, to begin the phishing, one has to receive a fake email claiming from the bank. It looks genuine though. Good job.
Wait. It’s not a good job done eventually. We read through and found that the email address verification expert @ pbebank above is without ‘t‘. Can I call this stupid attempt? Rushing perhaps?
Try to click on the link given, you will be directing to the other site similar to the genuine. You will not able to differentiate if you’re not IT literate user or active customer.
The address (URL) is changing to:
http:// www.publicplann.1free.ws/ public_access/ Public_Bank_Berhad_Internet_Banking.html
Try to key-in any user ID and password to test it out.
Upon click LOGIN button, the following screen will be display for few seconds.
Looks convincing but is it too simple to have such interface? Even first year student know how to create HTML redirection page like this.
The next screen will ask you to key-in the PAC number (will sent to your mobile phone). But the PAC only needs to key-in after 8 mins. Why? It’s because they need time to verify and login into your account from the ID and password key-in in earlier screen.
Once your real PAC number entered, scammer will have full access on your banking account.
However, PAC number entered will never be validated, and the error shown below. It serves the purpose to delay or making you unaware that you’re being scammed all the way from first screen.
You will be ask to click REQUEST PAC button. Again, a flaw with PAC is in small letter? Rushing perhaps?
To continue making you unaware, you will be bringing to this static page below forever. In fact, it will never load at all due to static page used.
Once you realized this is a prey (suspect something wrong with PAC and loading thingy), it will be too late already. Money is gone from your account.
With all these phishing, please be aware that bank will never ask you for ID and password. This kind of threat is just want to get your ID and password to transfer your money out. NEVER, NEVER let any third party know your ID and password.
Bank has been the main targets and was hit so badly recently.
Maybank Scam Site
11527 days
I’m not a customer of Maybank. However, I would like to share one of the many scam activity going on targeting every major banks.
Below are the ways how they get your ID and password.
I received an email saying that I need to update my personal details as part of their account maintenance. They even mention about me changing my personal information recently. HELL NO! I did not call the bank, maybe others want to imitate me. By thinking this way, I may give a shot to click the link provided.
After that, proceed to login at FAKE website as shown below.
Type your ID and password together with TAC number that received via SMS mobile.
If you are using Maybank 2U Online all the while, then WHAT THE HELL 2 database server dot com is doing in the email? How on earth maybank may use external database to store information? IT literate customer may know this immediately.
If you see the THANK YOU page. Congrat, you are damn already.
Phisher at this stage already success to get your ID and password. They demand you not the login at the specific time to prevent dual login in different IPs at the same time. Dual login is easy to be detected by the monitoring tools and ID will be block after that.
What so ever, they will perform a valid login on the real banking website and perform fund transfer out to their account before you ever realize it as a scam.
Please DO NOT trust anything that you see fishy. This kind of threat is targeting the non IT savvy and easy to fall into trap. Bank was hitting so badly with phishing activity recently.
CIMB Scam Site
31565 days
I’m not a customer of CIMB Bank. However, I would like to share one of the many scam activity going on targeting every major banks.
Below are the ways how they get your ID and password.
I received an email saying that I need to update my personal details as requested by the bank for security purpose. A link is provided for me to start. As the process require TAC number, my page will be directing to the REAL banking site to obtain the TAC via mobile phone SMS.
After that, proceed to login at FAKE website as shown below.
Type your ID and password together with TAC number that received via SMS mobile.
For this case, I randomly fill-in and it manage to go through!! (a trick to identify scam site).
Fill in your personal details as requested (fill up the fake information indeed) and SUBMIT for update.
Successful confirmation will display for few seconds before re-directing to CIMB Bank FAQ site.
Done!! You’re done and a big trouble is awaiting for you soon.
As you can see, this kind of phishing will be successful if you key-in everything REAL!!
Your ID and password is submitted to the  third party during on the process above. Your login information is captured and scammer will make a valid login on the real banking website. Without your knowledge, they’re able to transfer out your money from your account at a split of the second.
So, please beware and aware of this kind of threat online. Bank was hitting so badly with phishing activity recently.
