Monday, November 07, 2005
Apparent phishing by my own bank
I recently receive an email from my bank, RBS, which looked pretty dubious.
Firstly, the "from" field contained: "RBS" -- a host that doesn't exist. it does also contain the line:
I tried the above domain name, no website. I tried adding www, removing ccc and combinations. Nothing. This makes the email look like either spam or some sort of con / phish event. Both domains are registered to RBS but not having a web site makes it look dubious.
At the end of the email is:
Following the FAQ link, then seeing Contacts Us page, I thought I'd let them know that I had no idea whether to trust the email or not. There is only a phone number - 0870 010 4542, so I called... only to have the call dropped by the other end with no greeting or identification. Dubious, or simply poor?
As a last resort, I thought I'd detail it all here and let them know via other means (if I can find a way for them to actually listen).
Firstly, the "from" field contained: "RBS"
*This is an outbound message only. Please do not reply.*which suggests that customer feedback is definately not wanted. I can understand they want customers to use certain channels to feedback through, but why not just send an automated reply giving phone numbers etc. It would then allow them to monitor how may people wanted to contact them via email / on the web -- it may be significant and an easy way to understand this.
I tried the above domain name, no website. I tried adding www, removing ccc and combinations. Nothing. This makes the email look like either spam or some sort of con / phish event. Both domains are registered to RBS but not having a web site makes it look dubious.
At the end of the email is:
How do I find out more details?which, if you look at the link destination, goes
You can look at the full FAQ's on www.rbssecure.co.uk.
to:https://www.securesuite.co.uk/rbs/registration/welcome.jsp?partner=rbs.consumerAnother classic spam/phish tactic. Actually, going to the link text address (rbssecure) does bounce you to the latter. Sounds like the web admins, have never heard of mod_rewrite / ProxyPass. If this is real, then it should look real too.
Following the FAQ link, then seeing Contacts Us page, I thought I'd let them know that I had no idea whether to trust the email or not. There is only a phone number - 0870 010 4542, so I called... only to have the call dropped by the other end with no greeting or identification. Dubious, or simply poor?
As a last resort, I thought I'd detail it all here and let them know via other means (if I can find a way for them to actually listen).
Comments:
<< Home
We too after hours of frustration finally found someone at MBNA Master Card whom explained their ineptitude. They created and set up this new 3D security thing and launched it BEFORE regestering all of their members card numbers. Therefore if they haven't entered you in their system yet you will be rejected when trying to make purchases on line.The following day we were phoned by MBNA reporting to us that someone tried to use our card fraudulently. After explainung it was US, they said we could register ourselves ( the other rep said we couldn't) by going to www.securesuite.co.uk; however we have tried that and it is not working. I'm back to try again.Lisa
# posted by 
: 4:15 pm
: 4:15 pm
I also received one of these emails and now after reading this blogg, the penny dropped.
I bought some NR tickets the other day and was faced with a new system that looked so shoddy and gave me so little reasurance to its actual validity that i had to do a truckload of checks before i submitted my payment, turns out it was valid and some system for RBS but boy?!
and now this confirmation email that I was convinced was a phony( I received about 10 a week...last 2 weeks have been quite though). couldn't figure out how they were trying to get the information from me from that email. started looking at the phone number(though thta it was a phony number) and did a search on the internet.
turns out that natwest and RBS have the same number listed to their customer support
0870 010 4542
UK banking in a nutshell!
Dan
I bought some NR tickets the other day and was faced with a new system that looked so shoddy and gave me so little reasurance to its actual validity that i had to do a truckload of checks before i submitted my payment, turns out it was valid and some system for RBS but boy?!
and now this confirmation email that I was convinced was a phony( I received about 10 a week...last 2 weeks have been quite though). couldn't figure out how they were trying to get the information from me from that email. started looking at the phone number(though thta it was a phony number) and did a search on the internet.
turns out that natwest and RBS have the same number listed to their customer support
0870 010 4542
UK banking in a nutshell!
Dan
# posted by : 2:27 pm
: 2:27 pm
Yeah they will do anything to get their filthy hands on your money.
Funnily (if you have that kind of sense of humour), if you google the telephone number that you were given (0870 010 4542) you will have results for many leading banks: NatWest, MINT, RBS, NoChex. A little strange that they all have the same phone number for customer services eh?
Mike
Funnily (if you have that kind of sense of humour), if you google the telephone number that you were given (0870 010 4542) you will have results for many leading banks: NatWest, MINT, RBS, NoChex. A little strange that they all have the same phone number for customer services eh?
Mike
# posted by : 10:59 pm
: 10:59 pm
I got an email saying I've changed my password and i must ring the number above immediately if this was not the case. I haven't changed my password, and used it to log on to online banking AFTER the time it says the password had changed? immediately alarm bells are ringing. The email looks fake, the voice on the end of the line sounds budget, can someone please advise if this is real or not - I am very suspicious!
Post a Comment
# posted by : 11:25 am
: 11:25 am << Home
