Phishing scam targeting NatWest, Royal Bank of Scotland customers
February 23, 2014
I intercepted an email phishing scam today, targeting The Royal Bank of Scotland customers. It uses the abbreviation NatWest, as the sender and in logos on the page. Nat West stands for National Westminster Bank.
The sender (From) claims to be: "NatWest Credit Card"
The subject is: Dear (They insert your email address here) Credit Card Online Services
The body text begins with:
Dear (your email address)
Your access to NatWest Credit Card Online Services is locked out..
Because of that, our security team had to suspend your account.
Please use the link below to unlock.:
The link in the message I received was on a compromised website named: sullivankitchen.com. The fraudsters have created a new folder, or folders, on that website and are using a single index file under /administrator/mobile to forward victims to another file (start.php) on the same website, to the actual location of the phishing page.
The phishing page has logos and other images and links stolen from the NatWest Royal Bank Of Scotland website. They have obviously failed to apply hotlink protection to their images, some of which were embedded from https locations. Example: https://cardservices.natwest.com/RBSG_Consumer/images/NatWest_alert.png
NB: In the footer, at the bottom of the page, is an out-of-date copyright notice, as follows: © 2005-2009 National Westminster Bank plc. This should raise your antennas, as it is now 2014!Recommend this article!
Protect your Windows and Mac computers and Android smart devices from malicious web pages, spyware, viruses and information stealing Trojans, with Trend Micro Titanium security programs.