Maybank2u.com Email Phishing Scam Part II
Updates
Today again I receive another Maybank2u.com Phishing Email…
Dear Customer,
We have safeguard our SSL for the protection of our internet banking customers,
Do to this you have been require to authenticate your account on data with us
Kindly follow our link below to safeguard your account completely
This one is very dangerous as I tried to click out myself to find out more…
I’m using mozilla so I have this warning… But I ignored and explore further…
What is a Web Forgery? What is Phishing?
Web Forgery (also known as “Phishing”) is a form of identity theft that occurs when a malicious Web site impersonates a legitimate one in order to trick you into giving up sensitive information such as passwords, account details, or credit card numbers. Phishing attacks usually come from email messages that attempt to lure the recipient into updating their personal information on fake, but very real looking, Web sites. More information on phishing can be found at the Anti-Phishing Working Group, and there are a number of examples and resources available at the Wikipedia Phishing page.
The hidden link from the Phishing Email is “http://sovisto.org/tf/downloads/may2u/Maybank2u_com.html”, do not click on the link, if you want to explore you have to make sure all your cookies and private data cleared and do not enter the real data in for testing purpose. I did the following…
http://sovisto.org/tf/downloads/may2u/protection.html
http://sovisto.org/tf/downloads/may2u/processing.html
http://sovisto.org/tf/downloads/may2u/logout.html
After you have done all that, you will be redirect to the real Maybank2u.com website, even in all the pages, other links in the page is pointing back to Maybank2u. So do not enter your real data in if not your data will be fooled. Always check the links and do not click from emails. Bank will never ask you to updates private data thru emails. If you are not sure, you should call direct to their customer line.
Tips and Advise on how to fight Phishing or Scam
So when you receive any email from bank, confirmed with the bank and check wither it’s a scam or not. I repeat, do not click on any link in the email that look suspicious. When u do that, you will eventually leak your information to the culprit.
There’s a way that I always check whether it’s from the real bank or not. Before you click on the link, you can actually see the real link behind by mouse over or view source. By doing that you can also check whether it’s pointing to the bank that sent you the email or pointing to other pishing website. So when you see a link like paypal, it’s actually bringing you to another website that look exactly the same but it’s not the real bank. So beware.
Another way that you can check is, when you reach the website thru the link in the email, try to login using wrong login name and password, if it’s logged in then you know it’s a pishing scam, if not than it should be safe.
So the safer way is, bookmark you the bank website and every time want to visit, just click on your bookmark =)
Tell your friends or loved one about it if not they will be trapped.
January 28, 2009
“Do to this” it says xD