|
|
|
|
|
|
|
|
|
|
NORTH FORK BANK NOTICE
North Fork Bank
|
|
|
|
|
|
|
|
|
Date Reported: 27th August 2005 |
Risk Level: MEDIUM |
|
|
|
|
|
Email Subject: |
NORTH FORK BANK NOTICE |
|
Apparent Sender: |
North Fork Bank |
|
Return Address: |
< customercare@northforkbank.com > |
|
Email Format: |
HTML |
|
URL of Web Content: |
http://press.jowood.com/pix/cashman/ CheckSession.php |
|
Location: |
Austria |
|
Scam number: |
aa-1122 |
|
Comments: |
-
Email asks you to confirm/update/verify your account data at North Fork Bank by visiting the given link. You will be taken to a spoof website where your details will be captured for the phishers.
- North Fork Bank never send their users emails requesting personal details in this way.
-
The REAL URL of the spoof website is disguised as "https://www.mynfbonline.c0m/cashman/redir.Asp? affiliate=9d1825494ae10".
-
The spoof website this email links to was not online at time of this report, but variations of the scam which link to working websites are bound to exist, so be wary! The website may have been taken down or disabled by the hosts, but quite often these websites are hosted on the personal computer of the phishers, so may only be online at certain times.
-
The REAL URL of the spoof website looks nothing like the actual North Fork Bank URL.
|
|
|
|
|
|
|
|
|
|
"We recently noticed one or more attempts to log in your North Fork Bank account from a foreign IP address and we have reasons to believe that your account was hijacked by a third party without your authorization.
"
|
Dear North Fork Bank customer,
We recently noticed one or more attempts to log in your North Fork Bank account from a foreign IP address and we have reasons to believe that your account was hijacked by a third party without your authorization.
If you recently accessed your account while traveling, the unusual log in attempts may have initiated by you.
However if you are the rightful holder of the account, click on the link below and submit, as we try to verify your account. (In case your are not enrolled for North Fork Bank Online Banking then use your Social Security Number both as Customer ID and Password ):
https://www.mynfbonline.c0m/cashman/ redir.Asp?affiliate=9d1825494ae10
The log in attempt was made from:
IP address: 110.6.13.227
ISP host: 110.6.13.1.fastweb.rnet.org
If you choose to ignore our request, you leave us no choice but to temporally suspend your account.
We ask that you allow at least 48hrs for the case to be investigated and we strongly recommend not making any changes to your account in that time.
If you received this notice and you are not the authorized account holder, please be aware that is in violation of North Fork Bank policy to represent oneself as another North Fork Bank account owner.Such action may also be in violation of local, national, and/or international law. North Fork Bank is committed to assist law enforcement with any inquires related to attempts to misappropriate personal information with the Internet to commit fraud or theft.
Information will be provided at the request of law enforcement agencies to ensure that perpetrators are prosecuted to the fullest extent of the law.
* Please do not respond to this email as your reply will not be received.
For assistance, log in to your North Fork Bank account and choose the "HELP" link.
Thanks for your patience as we work together to protect your account.
Regards,
The North Fork Bank Corp. Copyright © 2005. All rights reserved.
|
|
|
Website: |
|
|
|
Spoof website not online at time of report...
|
|
|
|
|
|
|
|
|
See our most recent scam reports |
|
Browse our scam report archives |
|
Search |
Please send us any scam/phishing emails you have received by reporting them here
For access to our huge blacklist of domain names and to sign up to our live feed of ALL the scams we receive please take a look at our Honeytrap service
If you have received the email below, please remember that it is very common for these email scams to be redistributed at a later date with only slightly different content, such as a different subject or return address, or with the fake webpage(s) hosted on a different webserver.
We aim to report every variant of the scams we receive, so even if it appears that a scam you receive has already been reported, please submit it to us anyway.
|
|
|
|
|
|