Today I have a guest post from the CEO of Agile Technologies – Romans Malinovskis (who also happens to be my husband). In case you have heard the word “scammer” but are not sure what it is exactly – read on.
We were one of the several to be hit by the scam attack and I actually almost fell for it.
Dear AIB Ireland Bank member,
You have added firstname.lastname@example.org as a new email address for your Aib online Bank account.
If you did not authorize this change, check with family members and others who may have access to your account first. If you still feel that an unauthorized person has changed your email, submit the form attached to your email in order to keep your original email and restore your Aib account.
This was the original email text. The email was sent from: AIB Bank <email@example.com> which seems to be legitimate. But of course you do know:
- The email sender can be set to ANYTHING. There is no verification.
The content of the email seems to be very skillfully created. However, it does have some minor mistakes, such as spelling “Aib” instead of “AIB” and referring to “Aib NetBank”.
- Scammers will use scare techniques to make you panic and to trick you into doing silly things.
The email is also very well composed to avoid being blocked by spam filters. Obviously, should you receive an email from the bank, it would use your full name and surname, which scammers usually do not know.
- Pay attention to the “To:” field of the email. If it does not contain YOUR email address and your full name, this can possibly mean that it was sent to multiple people.
There is an .HTML attachment. The attachment is basically this page: http://www.aib.ie/personal/current-accounts which has had its content removed and replaced by a form asking for: 8-digit registration number, PAC number and home phone number. The scammers also ask you to fill in all the digits from the code card. All of that is finished off with a blue button with a padlock.
- Never trust email attachments.
I have looked inside the file. If you open it in an editor, you will see that the scammers have entered a lot of newlines, which makes reading the file very difficult. A search for “form” shows the offending link:
Of course, the site has been compromised. (I tried to notify the webmaster.)
The script itself would record the details you have entered in the form and would then redirect you to the AIB site.
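The manual check above (searching the attachment for its form and seeing where it submits) can be automated. This is an added example, not part of the original post: the sample HTML, the host `compromised-site.example` and the field names are constructed, and `aib.ie` is assumed to be the bank's legitimate domain, based on the URL mentioned above.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

class FormActionFinder(HTMLParser):
    """Collects the action URL and named input fields of every <form>."""
    def __init__(self):
        super().__init__()
        self.forms = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.forms.append({"action": attrs.get("action") or "", "fields": []})
        elif tag == "input" and self.forms and attrs.get("name"):
            self.forms[-1]["fields"].append(attrs["name"])

def host_is_trusted(host, trusted_domain):
    # Exact match or a true subdomain; "aib.ie.evil.example" must not pass.
    host = (host or "").lower().rstrip(".")
    return host == trusted_domain or host.endswith("." + trusted_domain)

def audit_attachment(html, trusted_domain="aib.ie"):
    """Return every form whose action posts outside trusted_domain.
    A form with no absolute action URL is also reported (host is None)."""
    finder = FormActionFinder()
    finder.feed(html)  # the parser does not care about padding newlines
    findings = []
    for form in finder.forms:
        host = urlparse(form["action"]).hostname
        if not host_is_trusted(host, trusted_domain):
            findings.append({"host": host, **form})
    return findings

# Constructed sample: a form buried in hundreds of blank lines, as described
# in the post, submitting to a placeholder third-party host.
SAMPLE = (
    "<html><body>" + "\n" * 300
    + '<form method="post" action="http://compromised-site.example/save.php">'
    + "\n" * 300
    + '<input name="registration_number"><input name="pac">'
    + '<input name="home_phone"><input type="submit" value="Continue">'
    + "</form></body></html>"
)

if __name__ == "__main__":
    for f in audit_attachment(SAMPLE):
        print("form posts to", f["host"], "- fields requested:", f["fields"])
```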
Do any of you know how to report this URL / site as offending and potentially dangerous? Modern browsers check whether the domains you visit are harmful.
I would appreciate it if readers could direct me to scam report pages.