Bank customers are popular targets of those who engage in phishing attacks. If you have a bank account, you more than likely access it online from time to time. As a result, you probably have a username and a password that are associated with your online account. Most people understand the importance of keeping that kind of information confidential; if it falls into the wrong hands, a great deal of sensitive financial information would be compromised. Unfortunately, many people fall victim to bank phishing scams each year and inadvertently give out sensitive information to people who have criminal activities on their minds.
Spoof Bank Emails
The most common way that a phisher gets the ball rolling on a bank phishing attack is by sending out thousands of spoof emails. These emails are carefully crafted to look nearly identical to the types of correspondence that are sent out by actual banks. Skilled phishers can replicate the logos, layout and general tone of such emails to uncanny degrees. They bank on the fact that most people are quite busy; at a glance, these spoof emails appear to be legitimate. As a result, recipients are more likely to take what is written in them seriously.
One way to avoid falling victim to spoof bank emails is by looking at them closely. Never assume that such messages originate from legitimate sources. Be especially vigilant if the email requests information from you. For one thing, no legitimate bank is going to include a form within an email that they send to you. This is a well-known phishing ploy and it should raise a big red flag for you. Look closely at the sender’s email address as well. Above all else, double-check on the actual bank’s website or give the bank a call if you are in doubt.
Spoof Bank Websites
Spoofed bank emails almost always include links that will take you to spoofed bank websites. Like spoof emails, spoof bank websites look nearly identical as their legitimate counterparts. One telltale sign of a spoofed bank website is a popup window that demands various types of credentials. There are many scripts that phishers can use to make these popup windows appear, and real banks never use them. Never follow a link to your bank’s website. Always type the URL manually into your browser’s address bar.
Chase Bank Phishing Scam
One of the most famous examples of a bank phishing scam involved Chase. Phishers especially went to town when Bank One of Indiana was bought out by the huge bank. Phishers obtained the email addresses of thousands of Bank One customers and used the changeover as a ruse in order to cull sensitive information from the victims. Like so many other phishing scams, these emails and fake phishing websites included a lot of urgent language. They implied that customers needed to supply the requested information right away or lose access to their accounts, which would certainly be a cause for alarm.
The Chase bank phishing scam is a prime example of just how easy it is for people to fall into phishers’ traps. Actual Chase logos were used in the emails, which made it even trickier to tell them apart from spoofs. You can be sure that future bank phishing scams will use even sneakier and more sophisticated methods. Whenever you receive an important email from your bank, make a point of logging on to its website. Do not follow a link to the bank website; instead, type in the URL manually. If something important really needs your attention, you should be alerted about it somewhere on the online interface. If questions persist, pick up the phone and contact your bank. You can’t be too careful when it comes to protecting your financial information from phishing attacks.
Related Phishing.org articles: