Phishing hits South Africa

In what seems to be the first phishing scam imitating a South Africa bank, a rapidly spreading e-mail is illicitly attempting to obtain the details of unsuspecting online bankers.

According to local anti-virus company NOD32 South Africa, the e-mail seems at first glance to have been sent by First National Bank (FNB), and appears extremely authentic.

Closer examination however reveals that it is not a genuine FNB e-mail, but the latest in the recent spate of international ‘phishing’ e-mail scams. Until now, however, phishing scams have traditionally only targeted users of major banks in the UK and USA.

“The e-mail appears to the end-user to be coming from a genuine FNB employee, and coerces the user into clicking a Web site link, which attempts to obtain their Internet banking username and password. The Web site actually uses a part of FNB’s real Web site, as well as a site redirection trick to appear extremely authentic,” says NOD32 CEO, Justin Stanford.

“At first glance, even to users familiar with computers, it is very convincing.”

“This is among the first SA bank specific phishing e-mails seen in the country, and, because of its authentic appearance, we expect many users may have already stepped in to the trap. Users are advised to be extremely cautious when receiving such an e-mail, and to ignore it completely. If unsure, contact your bank to double-check its authenticity.”

It is feared that scores of details will already have been captured by the scam perpetrators.

Below is a copy of the e-mail and the original link:

*********

From: First National Bank [BriettaBurleson@fnb.co.za]

Subject: First National Bank Email Verification

Dear First National Bank Member,

This e-mail was sent by the First National Bank server to verify your e-mail address. You must complete this process by clicking on the link below and entering in the small window your First National Bank User ID and Password.

This is done for your protection – because some of our members no longer have access to their e-mail addresses and we must verify it. To verify your e-mail address and access your bank account, click on the link below: http://www.fnb.co.za/H1RhpHCOEOvmgdfVjXHq3AqrnjZr0iUjZPaPyRLaWu6wEVH26lmz7fC9dhks72g6

*********

Note that the “From:” has been reported to vary from e-mail to e-mail, and this represents only one possible example.

Any FNB customer who has received such an e-mail, and has supplied a username and password to the scam Web site, is advised to immediately contact FNB to have their username and password changed.

Related links:

Mastercard battles phishing fraud

Phishing figures show rise in Trojans

Reports of phishing attacks up again

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now