Victims are taken to a page that replicates the organization's legitimate site
A new variant of an old scam is making the rounds, landing in the inboxes of unsuspecting Co-operative Bank customers. The phishing emails attempt to convince recipients that the financial institution is checking for inactive customers and incorrect email addresses.“This e-mail was sent by Co-operative Bank to notify you of the recent innovations taken by Co-operative Bank to detect inactive customers and non-functioning mailboxes. The inactive customers are subject to restriction and removal in a week time. Please login below to update,” the emails read.
“(Login) Message Valid for 2 days. Thanks for using Co-operative Bank, accounts management as outlined in our user agreement.”
The Login link doesn’t lead to the genuine Co-operative site, but to a hijacked domain on which the cybercriminals planted a phishing page. Internauts who visit this page are asked to provide credit card numbers and other sensitive information.
As usual, we advise the financial institution’s customers to properly check a website before handing over personal details. Look for the https connection and the padlock symbol to ensure that you’re on a secure page.