Everyone banks, with the bulk of it increasingly done via our phones. This ubiquity, not to mention the presence of money, is why banking scams are some of the most common (and most damaging) scams with which cybercriminals and fraudsters target consumers. The following are what we’ve found recently.
American Express Phishing Emails Scam
Users have reported receiving malicious phishing emails purporting to be from American Express, as seen above. These emails are in fact from scammers, the intention being to get you to click on the link. The link takes would-be victims to a fake webpage where your log-in details will be harvested. Once they have that information, scammers can carry out activities such as theft and identity fraud — don’t let them!
Email Content:
- Dear Customer, For your protection, we have placed your account on hold temporarily and placed any pending orders or subscriptions on hold as well. Your account will remain on hold until we are able to confirm that your authorized recent payments. MANAGE MY ACCOUNT Once you have provided the required information, we will review it and respond within 24 hours. Thank you for choosing American Express. American Express
Above are two American Express log-in pages, one fake and one real. As you can see, they are scarily similar. In the case of convincing fakes, the best giveaway is the URL address. The legitimate web address is americanexpress.com/en-us/account/login. Fake URLs we have discovered include:
- hxxps://kutt[.]it/heyteen18
- hxxps://staging[.]kleenso[.]com/cg/americanexpress.com.login-verification/AMEX/Amex/home/
Regions Bank SMS Phishing Scam
Elsewhere, scammers are posing as Regions Bank, a popular bank in the South and Midwest, with a particularly high number of scam reports in Florida and Texas. The scam text message (“smishing”) informs the would-be victim of some account issue that requires “verification”, the intention being to obtain your details.
SMS Content:
- regions alerts your online access is restricted. visit [URL] immediately to take necessary steps to protect your account.
- regions-smsalerts your account is under review, please verify your information or your login-acess maybe revoked. [URL]
Following the link will take you to a fake webpage, such as that below. Notice the strange URL — don’t fall for it!
Protect Yourself with Trend Micro ScamCheck
- Double-check people’s contact details — and URLs.
- Reach out to official websites and support pages directly for help if in doubt.
- NEVER use links or buttons from unknown sources! Use Trend Micro ScamCheck to detect scams with ease: ScamCheck is an all-in-one browser extension and mobile app for detecting scams, phishing attacks, malware, and dangerous links — and it’s FREE!
After you’ve pinned the ScamCheck extension, it will block dangerous sites automatically! (Available on Safari, Google Chrome, and Microsoft Edge).
You can also download the ScamCheck mobile app for 24/7 automatic scam and spam detection and filtering. (Available for Android and iOS).
Given you’ll be required to enter personal information on these kinds of platforms, ID Security will also ensure you’re never the victim of a data breach.
NFCU SMS Phishing Scam
Navy Federal Credit Union (NFCU) is the largest retail credit union in the US. Unfortunately this makes its members a prime target for scammers. Recently there has been a large wave of smishing attacks under the guise of NFCU — with queries on Google up 550%.
As seen above, the alerts are of two types: large payments and account issues. In both cases, the scammer’s objective is to get the would-be victim to panic and follow the link with promise of being able to resolve the issue. Of course, there IS NO issue — but trying to log in on one of their fake webpages will bring all kinds of issues. Note the spelling errors, inconsistent caps, and strange spacing.
We previously reported on NFCU smishing back in August — while it rears its head again, be wary.
SMS Content:
- Navy Federal Credit Union Protection department : 1-888-842-6328 Do you recognize: Walmart charge $450.00 that was taken place today ! Reply Y or N. STOP to end
- NFCU Alert: We’ll never call you to confirm it. 096127 is your NFCU security code to approve wire payment of $2100.00. Not You? Visit [URL] to cancel
- NFCU Alerts: Your wire payment of $1750.00 was succussfully processed. In review no further action is needed. Not You? Visit [URL] immediately
- NFCU: Alerts, Your Account has been disabled due to unusual activity. Visit [URL] to verify your account.
We’ll end here with two more banking smishing examples: Bank of America, and Idaho Central Credit Union (ICCU). Once again, note the errors and inconsistencies. Don’t fall for them!
SMS Content:
- Bank of America: Did you try to login to your account on 09/12/2022 at 3.43 PM, on an unsupported device? If this wasn’t you visit: [URL]
- ICCU Debit request alert of $7386.00 from MARIAV TELCOM GADGET Store. If Unrecognized Visit [URL] to confirm or cancel.
Be safe out there, folks! Remember to check out this page for more information on ScamCheck. And as ever, if you’ve found this article an interesting and/or helpful read, please do SHARE it with friends and family to help keep the online community secure and protected.