E-mail bank scammers

Discussion in 'Finance, Property, Law' started by bossyboots, Dec 1, 2008.

Welcome to the Army Rumour Service, ARRSE

The UK's largest and busiest UNofficial military website.

The heart of the site is the forum area, including:

  1. I'm usure if this is the correct forum for this however...

    I was wondering if there are many people on this site who continually gets bombarded with online bank phishers? I manage to get anything between 15-25 per week in my junk mail. I dont open them instead i just report them as phishing. I dont even bank with any of them.
    I asked my bank about this problem and they told me that most of them are coming from Amsterdam and they are doing what the can to stop it.
    Mr Bossy also has online banking too but has never recieved any phishers.
    Here is this weeks so far.

    4 x Abbey National
    3 x Egg Bank
    4 x Lloyds Tsb
    2 x Halifax Bank
    2 x Hsbc
    3 x Barclays Bank

    All those in a space of 3 days! :x
  2. in_the_cheapseats

    in_the_cheapseats LE Moderator

    Mrs ITC seems to get them every couple of days which are reported straight off; my e-mail addresses seems to be off their radar. I do seem to be hit by every Nigerian boiler house scam going which are equally annoying.

    As to the banks going something about them - don't know as we never get any feedback from them on the subject.
  3. I get about the same number as you, all from different banks and societies.
    Remember your own bank will never ask for details via e-mail. As long as you don't click on any links in the e-mail you will be fine.
    I read a report the other day that these scammers only need 0.05% of their e-mails to be answered , in order to make it worth while.
    Just don't be one the numpties that fall for it....

    ....oh and it is bl00dy annoying!!!
  4. The key reason that banks aren't giving much in the way of feedback is this: if they're not originated by HSBC, Abbey (Santander), whoever - how are they going to "investigate" and "do something about it" when they didn't originate the emails in the first place?
  5. I would have thought that it would have paid the banks (after all, they're the ones making up the losses in a lot of the cases) to set up a joint organisation which would flood the phishers with bogus replies with false details; no problem making them appear from thousands of different email addresses.

    The phishers would then be flooded out with so much info that it simply wouldn't be worthwhile trying to find the genuine details amongst all the false.

    Technically possible, not sure about the legal/ethical aspects though.
  6. Hello!

    I actually work in an E-commerce department for one of the banks you've mentioned and part of my job is dealing with enquiries about these e-mails.

    As said no bank will EVER ask you to click on a link, enter or re-confirm your E-banking/Card details in an e-mail. You can also generally tell their fake as their addressed as "Dear Customer" or "Dear Valued Client" etc. Rather than actually using your name.

    Another thing thats on the increase are BHOs (Browser Help Addons), basically what these do is add additional boxes on your banks e-banking logon page.

    So where previously it would ask for your card number and internet password, it'll have a box below or on the next page that looks like it should be there but it'll ask for your CVV2 and Expiry date, again, banks wont ask this information from you via e-banking. If you get one of these just google "BHO Removal" and you'll be able to download specialised software aimed at removing these programs.

    With regards to banks doing anything with these e-mails and fake websites it takes literally months to get them taken down, once that's done it takes the Fraudster about 20 minutes to set another up and start again - so its an ongoing pain in the arrse.

    People do unfortunately fall for these e-mails, my team in my bank alone deal with about 60 cases per day of customers that have had their accounts cleared out by this particular type of Fraud. We always manage to get the money back but it can take upto 2 weeks to get it.

  7. Another thing with the e-mails aswell is that they will generally have real telephone numbers and often real names of people that work for your bank (i've seen my name used twice in these e-mails!) to make it seem more genuine.
  8. Thanks for your replies, particularly Whisky. I was beginning to think that i was the only one getting them.
    I daren't click on the emails just in case they either clear my bank account ( mind you, i doubt 50p would get them far ) or they somehow manage to gain access to other financial transactions that i have made online with my debit card etc.
    The first one i ever got some months ago was from Halifax who i have an account with, however i didn't open it as it set alarm bells ringing so i actually went into my account via my usual method, found nothing untoward and then phoned the bank to inform them.
    As i say, i usually just send them straight to the pishing bin.
    On another note, Mr Bossy recently logged onto his E-bay account and found several items were being watched on it. He has no idea who was watching these items or why under his log in ( they were items that he has absolutely no interest in whatsoever)
    The worry there is that he has a paypal account on E-Bay.
    No one, not even me knows his log on for the computer, let alone his passwords, so lord knows whats going off there :?
  9. Tell him to change his password(s) and to use more than the standard alphabet! A pain - but I reckon someone has hacked his account.

  10. Cheers Litotes. i will pass that message along.
  11. I always remember working for a full Colonel 20 years ago, when IT was still, in military terms, mainframe based and concentrated in Data Centres. He owned a DOS laptop - when laptops were quite rare - but he was useless at DOS - and I was the world's expert!

    He needed some DOS work done on the laptop but had protected it. I could usually break most passwords at the time, primarily because it was an intellectual challenge! But I couldn't break his; he had used numbers and letters, upper and lower case and permitted punctuation (this was DOS)! I was really impressed at the time!

    Most people forget that you must not, under any circumstances, use the same password for your primary email account as any other account anywhere! If someone works out what you have used, they can take over your life!

    The strength of your password is important;

    Microsoft on password security

    With a modern computer, it does not take long to crack an 8 letter password; make it complex!

  12. Using Alpha numeric password not linked to your name or any obvious interests is a good way to maintain your internet security the longer the better.

    I use different passwords for different accounts.