If you find our resources valuable, please support us by making a small donation. Thank you!

x

Banking

SCAM: A mouse-over of any link in these emails reveals that they do not point to the website they claim to represent. [View the lower left corner of each graphic.] These types of emails typically point to fake websites that are designed to look like a bank or credit card website. These are called phishing sites. Victims give away their login credentials for their real accounts when the try to log into these fake sites. Some phishing websites are so clever that when the victim logs into the phishing site, the fake site will use the information and forward them to the real site AND log them into the account. The victims therefore have no idea they have been phished. Some of the emails offer attached files to click on or download. Most of these contain malware and are very dangerous as a result.

WHAT TO LOOK FOR: Besides looking at the link revealed in the lower left corner of most of these scams by a mouse-over, notice that nearly all of these emails lack any personal information that identifies the recipient. None of the credit card emails, for example, identify the last 4 digits of the recipient's credit card.

CAUTION: We do not advise visiting the links revealed in these scam emails because it is possible that some of these websites might cause a computer infection.

Example #1: “Dear Valued Customer” Links point to: “blog.preetish.me” “.me” is the 2-letter country code for Montenegro in Southeastern Europe. WHOIS look-up of preetish.me: registered to a the Raman College of Engineering in Bhubaneswar,India. Likely explanation: Preetish.me looks to be another hacked WordPress blog. Example #2: “Your account has been locked” This is a classic […]

Example #1: “We are unable to active your account” Nice grammar! English is clearly not the first language of these scammers.. Links point to: “futureworkplace.com” a legitimate workplace in New York. Their web server was hacked. Contact by The Daily Scam led to a site exorcism! Example #2: “To restore your account access” Links point […]

All of the links in this email lead to the “operajobtimes.com,” a legitimate website in India. This phishing site was exorcised with the help of The Daily Scam!

Example #1: “Dear Customer,…. account might have been accessed by an unauthorized third party” Links in this email lead to “gastvrijheuvelland.nl” “.nl” is the 2-letter country code for the Netherlands. The website appears to be a legitimate business that was likely hacked. Example #2: “Your account has been temporarily disabled” Links in this example point […]

Example #1: “Account Disabled” Notice that the email says “CitiBank” but comes from “message@cardlighter.com.” The attached html file is not safe to download. Example #2: “Your Citi Credit Card statement is ready to view” All links in this email point to “iurbservices.com.” This website was registered in Bucaramanga, Columbia. Example #3: “Your Citi Credit Card […]

Example #1: “Domestic wire transaction from your checking account was rejected” The “click here” link leads to a webserver called “redir.ec” not the Federal Reserve Board. “.ec” is the 2-letter country code for Ecuador. Example #2: “Domestik wire fund transfer not processed” The “click here” link leads to “irs-reports.com.” This website is hosted in Canada […]

Example #1: “We need your help resolving an issue with your account” A mouse-over of the link for “clicking here” shows that it points to a non-secure “http” IP address (Internet Protocol) 63.117.132.82. IPChecking.com shows this address located in Denver, Colorado but a reverse IP look-up shows that the address is currently inactive. Example #2: […]

Example #1: “You have one new security message alert” As phony as a $3 bill. Notice the lack of any personal information. Example #2: “You send an automatic transfer to express VPN” The grammar and construction of this email should make everyone suspicious. The link for “cancel this transaction” points to “kerbventures.net,” another hacked WordPress […]

Example #1: “We will be making enhancements to Chase…” This email is extremely well crafted to look and feel like it came from Chase.com. However, read the section carefully called “WHAT THIS MEANS TO YOU” and you may become suspicious. However, the “dead give-away” comes at the very end… “This email was sent to: You.” […]

“We have important news regarding your bank” or “We have important information about your financial institution” Each of these scams uses a domain name that is meant to sound “official” because they contain “fdic.” Don’t fall for this “create-an-official-looking-name” ploy! The real FDIC domain is “fdic.gov” Example #1: The link points to “fdic-report-link-2157s.info” Example #2: […]

Example #1: “…alterations in the FDIC insurance coverage…” The link in this email points to “futbolitoclubdepolo.cl.” “.cl” is the 2-letter country code for Chile. Example #2: “ACH and Wire Transactions have been temporarily suspended” This email is extremely dangerous! Look carefully at the link revealed by a mouse-over. It points to “fdic-updates.com/system_update_07_28.exe.” A “.exe” is […]

Example #1: “Due to the recent upgrade of our server…” All links in this email point to “mail.scholy.com.” According to a WHOIS look-up, this website is registered in Guangdong, China. Example #2: “Your access to Online Banking Service has been suspended” Not only is does the link not lead to Nantucket Bank (leads to “spinalnik.com”) […]

All of these scam emails pretending to be from NACHA have one thing in common… The link is connected to a downloadable file that is extremely risky to click. In several cases it is easy to see that the file is a disguised executable. (.exe) “.exe” files are applications that run on Windows-based computers. In […]

Example #1: “The outgoing wire fund transfer… was not processed” The links both point to “domestic-wire.com” and actually call for the installation of “.exe” software – a Windows-based executable file. The Zulu Online Risk Analyzer identifies this website as malicious. Example #2: “The outgoing wire fund transfer… was not processed” The links both point to […]

Example #1: “Direct Deposit payment was declined” This email is a pretty lame attempt at fraud since it comes from a Yahoo email account. A mouse-over reveals the link points to a Google shortened URL so there is no easy way to know where this link leads to until you click it. Very dangerous! [Learn […]

s2Member®