Posted on January 26, 2020 at 3:06 PM
Reports have revealed that some banking scammers are using a phishing message that looks too real even to the most knowledgeable person on cyber attacks. These criminals try to convince customers using phishing emails. But this time, the email address looks too real to be coming from scammers.
With this type of scam going on, researchers have warned people to be very careful the way they exchange their personal details, even if the request is coming from a company they trust.
Getting a fake email from a streaming service such as Netflix is understandable. But getting one directly from your bank with your exact bank email is something only sophisticated scammers can do.
Scammers targeting Citibank
A new scam email is in circulation where the actors intend to trick people into believing the mail is coming from Citibank. Researchers have advised bank customers, especially those banking with Citigroup, to be very careful.
Scammers were able to spoof the website of the bank where they can be able to send emails comfortably. Once they have succeeded in luring these customers, they ask them to type in their login details. From there the actors can put a few things together to have access to the customers’ accounts.
With this new idea of spoofing sites, a normal and less harmless phishing scam can become one of the most dangerous scams in the world. When the actor gets hold of the information, they can use it to cripple the customer’s account.
How the scammers operate
After the victim successfully logs into the fake page, they are directed to other series of spoofed pages to provide more personal information. They are usually required to provide details like the last four digits of their SS number, home address, date of birth, and their full name. Obviously, when they get all this information, they can cripple the customer’s account balance and possibly leave a zero balance for them.
Apart from draining your account, they can use the victim’s name to open a credit account and steal their identity.
On a positive note, this is a phishing scam, which means you can avoid being a victim when you understand or have knowledge of phishing scams.
Avoiding being a victim
Some researchers have provided some simple rules that will help anyone stay out of harm’s way from a phishing scam. According to them, if the user can follow these steps or rules, they would be able to thwart or prevent this type of attack. Following these rules will be better than dealing with issues about identity theft as a result of the phishing scam.
They pointed out that customers should be very careful before clicking on links. Links that come along with unsolicited messages and emails are the most likely areas where phishing scammers would target. Once the user clicks on the invitation, their system would be infected immediately.
The researchers also said that anyone who clicks on PDF attachments or a link in this type of message would be inviting a malicious attack on their system.
Those who want to carry out a transaction with their company or bank should do so by typing the company’s rightful address at the address bar. They warned that it’s not advised to carry out any internet transaction through mails, even though the mail is genuine. Instead, type the name of the company on the address bar and go over to the section that can solve such a problem.
The researchers have also advised that those whose banks are using two-factor authentication to avail the opportunity and always use the security feature. With the 2FA, it’s more difficult for scammers to get through their details even if they have the login credentials.
They can either do this via Google’s Authenticator or receive a one-time code for the second authentication. Also, bank customers should always protect their identities. Even if the scammers succeed in getting all their details, the customers can use Identity Guard to prevent anyone from stealing their identity.