What is bank phishing?
Bank phishing is a technique via which fraudsters try to gather your bank account details using seemingly legitimate emails and web sites. The attack starts with a scam email that is meant to distress and upset you with subjects like “Your account has been hacked“, “Account blocked till futher notice“, “Discrepancy in the account information“, “Change account password” etc.
These emails carry a link to a fraudulent web site that looks like the web site of your bank and would typically carry a login form (form fields for username and password). Aad this is how you get conned into parting with the login details (and ultimately your money!)
Sponsored Links
This article provides details on how to identify a bank phishing email and advises you on what to do. Logos displayed on this page are copyright of respective companies and were a part of the phishing emails I received. They have been shown here only for the purpose of educating the gullible, informing them of the potential danger of phishing attacks.
What can happen if your bank login details fall into the wrong hands?
You don’t need to be a rocket scientist to understand the loses incurred if the bank login information is shared with frauds. Not only will you lose money – funds can be transferred to bank accounts across the globe in a matter of a few minutes/hours – but you can also end up losing your credibility. Several banks have struck down hard at phishing thugs but occasionally messages do slip through.
How to detect a bank phishing email?
Though a bank phishing email might look like one coming from a legitimate source, it will always have some loopholes with which you can easily detect the scam. Generally, scam messages would not be addressed to you (with your name), would be badly formatted and not carry the bank’s logo/colors. Also, the URL of the links in the email might not point to the bank web site. Let us look at some examples.
Example #1 of a phishing email from a bank
Supposedly from Citibank, even the most gullible would identify this email phishing as a scam – the logo of the bank is missing and the formatting is messed up. The email does not carry the name of the recipient (just Dear Citibank Internet Banking Customer) and the URL points to an I.P. address and not the actual Citibank web site. However, the words Citibank do figure in the URL.
Example #2 of a bank phishing email
Email even though it has the bank’s logo, the email can easily be recognized as a phishing attack because of horrid formatting. Also note the URL (web address) displayed on the status bar of Outlook Express which does not indicate that the email is from the bank’s web site.
Example #3
A much better looking email – in fact it looks almost like the real thing. Two loopholes; it is not addressed to any one and the URL is again a giveaway. However, the URL does have the web site of the bank somewhere in the middle. This is a very smart phishing email.
How to protect yourself from the bank phishing attacks?
The most important advice that I can render is not to act rashly. Examine the email closely and if you do want to put your fears at rest, open the bank’s web site in a fresh browser window instead of clicking a link from an email. Thus,
- Do not open web sites by clicking links in email messages.
- Check the URLs or web site address which will be displayed in the status bar of the email program (Outlook Express, for example).
- Look for loopholes that I have mentioned above.
- Download and install the free anti-phishing toolbar from Netcraft that works on a community effort to fish out spoof web sites.
- Report any phishing attack to the bank.
