Recently I spoke to some customer who received an email from their bank. Or at least they thought it was from their bank. The email asked them to login to their account, to confirm their address. There was a link on the email, and the customers clicked that link, and logged on to what they thought was their bank.
Upon logging on, the website said that there was a problem with the bank, and try to login later. The customers thought nothing of it, and went away thinking they will try to log on the their internet banking later on that night.
The customers went back on logged on later to their internet banking a couple of days later. This time they typed their banks web address straight into their browser, not clicking the link that was supplied in the email. Once they had logged on, they realised that a fair sum of money had been transferred out their bank account and their linked credit card account. They hadn’t transferred the money, or used their credit card, and didn’t recognize the accounts where their money had been spent.
Upon ringing the bank, they had realised that someone else had gone and logged into their internet banking, then transferred some money out of their accounts on a few occasions. After the bank asked some questions, the bank had advised the customers, that if they do send bank emails, they never have a web address in the emails that they send. The customers let the bank know that the website looked exactly like the banks website, and they thought they were logging on to their internet banking.
What happened was the email the customers opened, had a link to a website that looked exactly like the banks website, even though it wasn’t. The website was designed to get the customers login details, which the customers did input. Once the customers login was input, and the login button clicked, the website sent those details to whoever made the website. Once these people (I will call them criminals) had the login details, they were free to access the customer’s bank account anytime, which they did.
In this particular case, the bank, after some investigation, refunded the customers the money that was stolen from them luckily.
The reason why I am telling this story is to remind everyone to be very careful if you get an email from your bank. It might not be your bank, and the website it leads too may look exactly like your bank or lenders website. Generally speaking if banks do send emails, they don’t have web addresses in them. This is a security measure from the bank, as they are aware that fraudulent emails are on the increase. It is good advice to always type in the banks web address into your browser, and once the bank website is displayed, check the URL (web address) to make sure it is your bank or lender that you have reached, before you input your login details.
If you have any questions or comments, please leave below. If you would like more personal mortgage information, or to contact a mortgage broker, please contact us anytime.
No comments:
Post a Comment