official Notice for all Lloyds TSB customers

Another Spoof Email and Phishing Scam report by MillerSmiles.co.uk - click this image to go to our home page.

official Notice for all Lloyds TSB customers
19th April 2004

please forward any scams you've received to spoof@millersmiles.co.uk

Report Summary
Date Reported	19th April 2004
Apparent Sender	Lloyds TSB Online Banking
Return Address	user-billing06@lloydstsb.co.uk
Subject	official Notice for all Lloyds TSB customers
Format	HTML
Method	entire email body is an image which links to forged web content
Bogus Web Content?	Yes - presented in front of the genuine Lloyds TSB page to make it look as if it has been generated by the Lloyds page.
URL of web content	http://68.21.106.132:4903/l/applypassword.htm
RISK LEVEL	HIGH
WARNINGS	1. Employs script to open the genuine lloydstsb.co.uk home page as a backdrop to the forged page. 3. Submitted form data is captured by a script located in the same web space.

" SECURITY ALERT: Please read this important message. "...

There is a distinct similarity between this Phishing Scam and the previous Lloyds TSB Scam reported in March. We've issued a new warning here because of the differences in the emails though, but we do see the same combination of two browser windows, which have been scripted to open to give the foremost window the appearance of being a pop-up generated by the genuine Lloyds TSB home page in the background. The absence of the address bar serves to conceal its mal intent since the URL of the forgery is http://68.21.106.132:4903/l/applypassword.htm, which resolves to a Ameritech's web space (USA) and not that of Lloyds TSB Online.

The Spoof Email ...

official Notice for all Lloyds TSB customers spoofed email.

The bogus web page ...

official Notice for all Lloyds TSB customers forged web content presented in front of the genuine Lloydstsb.co.uk home page.

If you have received this email, please remember that it is very common for these email scams to be redistributed at a later date with only slightly different content or the same but with the fake page(s) hosted by a different provider. Also, once you have received one of these hoaxes, it is also common place to receive at least another one and usually a day or two after the first, although not necessarily from the same apparent sender.


Stay informed of the latest Spoof Email Phishing Scams with either of our FREE alert services... Email Alerts Add your email address to our email alert service... Subscribe Privacy Policy RSS News Feed Tap into our Scam Alert service using your News Reader or Aggregator (including My Yahoo!). Scam Alert News Feed You can even put the latest alerts on your own web site.

Library of Spoof Email Phishing Scams Brief guide to Phishing Full article on spoof email scams Spoof URL Checker Link Checker Browser URL Spoofing Vulnerability Check Latest browser bug aids Phishing Scams - beware!

Click the arrow to return to previous page Home Guides... Book Terminology How to identify a first edition book Auction Watcher List of the main Auction Sites world wide
<table border='0' cellpadding='0' cellspacing='0' width='120' height='243'> <!--DWLayoutTable--> <tr> <td><a href='http://www.amazon.co.uk/exec/obidos/redirect-home/millersmile09-21' target=_top ><img src="http://images-eu.amazon.com/images/G/02/associates/recommends/default_120x243.gif" width=120 height=243 border="0" access=regular></a></td> </tr> <tr> <td height="1"><img src="../spacer.gif" alt="" width="120" height="1"></td> </tr> </table>

official Notice for all Lloyds TSB customers 19th April 2004

official Notice for all Lloyds TSB customers
19th April 2004