New Phishing Campaign Targeting Customers of FirstBank
Batblue.com published news on 13th February, 2015 according to which security researchers discovered a new phishing email campaign targeting customers of FirstBank.
The phishing email says that the recipient must complete a validation with the bank to upgrade security because some irregular activities have been detected. The victims are told that if they do not validate their account then it will be deactivated.
Experts say that the email has been designed to steal usernames, passwords, personal and financial information of recipient's FirstBank.
On clicking the link attached in the fake email message, the recipient is taken to a fake or phishing website of FirstBank.
It is interesting to know that there are two financial institutions with the same name FirstBank, one of which operates in US, in Arizona, Colorado and California and the other operates in Africa (First Bank of Nigeria) and it is one of the largest banks of the continent.
Experts retrieved a sample email and they found that the phishers targeted the latter one since this is revealed by the maligned link given in the context along with the graphics included to make the alert look genuine.
Alternatively, if the email reaches users of US, then there is a risk of not getting attention to this information and phishers might get more than their expectation.
Experts observe that the fake link where victims are supposed to submit their personal and financial details is hosted on a Russian domain and presently the page is no more available and it appears as if the domain hosting it is for an adult site.
The scammers can gain access to victim's accounts with their information and sell the details of the victims to the utmost bidder and further con the victims. Experts note that in this case, customers of FirstBank can wind up being identity theft victims or of credit card scams.
One should never click on a URL contained in an email or any other site to login or sign into your net-banking account. Experts advise that you should directly visit the website by typing the website's name in the address bar of your web browser.