|
|
Date Reported: 9th December 2011 |
Risk Level: MEDIUM |
|
|
|
|
|
Email Subject: |
Halifax: Important Banking Alert. |
|
Apparent Sender: |
Halifax Bank |
|
Return Address: |
info@email.halifax.co.uk |
|
Email Format: |
HTML |
|
URL of Web Content: |
http://www.aofokulu.com/inc/halifax-online.co.uk/p ersonal/logon/login.jsp.htm |
|
Anchor text of URLs: |
1) Click here |
|
Location: |
, |
|
Scam number: |
19387-309634-679216 |
|
Comments: |
- Email asks you to confirm/update/verify your account data at Halifax Bank by visiting the given link. You will be taken to a spoof website where your details will be captured for the phishers.
- Halifax Bank never send their users emails requesting personal details in this way.
- The spoof website this email links to was not online at time of this report, but variations of the scam which link to working websites are bound to exist, so be wary! The website may have been taken down or disabled by the hosts, but quite often these websites are hosted on the personal computer of the phishers, so may only be online at certain times.
|
|
|
|
|
|
|
|
|
DEAR HALIFAX CUSTOMER,
DURING OUR LAST UPGRADE ON OUR DATABASE WE DISCOVERED SOME ERROR ON YOUR ONLINE LOGIN INFORMATION.
PLEASE DO NOT BE LEFT OUT. USE THE LINK BELOW TO COMPLETE YOUR LOGIN INFORMATION ON OUR DATABASE AND ENJOY OUR NEW LOGIN SECURITY NOW.
Click here to update your details
NOTICE. INCORRECT LOGIN INFORMATION OR SECURITY QUESTIONS WILL COST YOU LOST OF ONLINE ACCESS
Thank you. HALIFAX CUSTOMER SERVICE CENTRE
...
|
|
Click for full size image |
|
Website: |
|
|
|
|
Website was not online when we checked. It returned the error 403 |
|
|
Please send us any scam/phishing emails you have received by reporting them here
For access to our huge blacklist of domain names and to sign up to our live feed of ALL the scams we receive please take a look at our Honeytrap service
If you have received the email below, please remember that it is very common for these email scams to be redistributed at a later date with only slightly different content, such as a different subject or return address, or with the fake webpage(s) hosted on a different webserver.
We aim to report every variant of the scams we receive, so even if it appears that a scam you receive has already been reported, please submit it to us anyway.
|