Bank Email Fraud:
ING Email phishing scam

News from Omniquad | July 12, 2012

Email Phishing attacks relating to Banks and financial institutions. We see this type of scam in many shapes and forms. The emails are based around the same template, but the branding is changing dependent on the target.

This type of fraudulent email is exclusively designed for carrying out phishing attacks on several banks or financial institution like ICICI,HSBC, Citi,ING Vysya, Bank of America, the Halifax, Paypal and many more.

This Dutch email is pretending to be from ING Vysya in the Netherlands, and the attack started at the end of last week.

Picture: ING Bank Email Scam

Ironically, this very convicing looking phishing attack says that due to the rise in cybercrime, users are urged to click a link to go to a alternative (fraudulent) website within ING to verify their details. Putting pressure on, and instilling a sense of urgency on the recepient, the email warns that they have 48 hours to verify their details.

The page is looks very similar to the official ING Vysya web page. The new page asks the victim to provide online banking services information, like card number, password, registered mobile no. etc. The following image shows the page that opens when the victim clicks on the link:

Picture: ING Fake Log-in page

Clicking on the ‘Login’ tab will transfer all the confidential information to the Phishers/Hackers.Then the page gets redirected to the original bank website.

On a different note, Twitter really came in to force over the weekend, when members of ING Security came online reassure users and giving them information about what to do if they had clicked the link and followed the instructions.

To stay safe, and to avoid giving criminals your banking information, remember that your bank is unlikely to send you an email asking you to update your details online by clicking links in emails.

If you do get any such emails, the best thing to do is contact your bank and verify that they really sent you such an email (but not by phoning any number on the actual email). Dont click on any links directly in an email. Go to your banks website, and log in the usual way, or call your bank using the phone number you usually would use.

Omniquad successfully blocks these fraudulent links and protects its users with the Mailwall Remote email filtering solution.