Legitimate Bank Email Raises Phishing Suspicions

A financial services company's online division sent out emails to all their customers asking them to sign into their accounts to confirm the information regarding their email address.

According to The Register, the clients were asked to log on to their personal homepage on carhoot.com and under the “change my details” section check the validity of the provided information.

”A legitimate communication was issued from Cahoot this week asking customers to confirm that their email address was correct. In order to do this, they would have needed to log into their account," a Cahoot representative told El Reg in a statement.

After they were alerted on the confusion they've caused, they added "Cahoot, like all other banks, would never send a customer an email asking them to enter, reconfirm or change their security details such as account numbers.

"We apologize for any confusion this may have caused. It is essential that internet banking customers remain vigilant at all times. Cahoot has robust security measures which it constantly reviews to ensure customers remain protected at all times.”

The businesses actions are clearly well meant, but the fact that they would do such a thing still remains an issue. Security writers and bloggers warn people each day that banks and other financial services never ask for account related information.

By doing this they might have messed up a large part of our work. Some of their clients might tend to take seriously every bank related message they'll receive from now on, putting their safety and the safety of their savings in danger.

The best thing to do in these situations is not to trust the email, even if it genuinely comes from your bank. As the Carhoot spokesperson revealed, they would have contacted the customers who didn't reply in other ways, so you don't have to worry that something might happen to your account if you don't follow through with the request.

Image credits : Ken Teegardin