14 DAY TRIAL // Cybercriminals know that the recent outages suffered by NatWest are a perfect opportunity to send out malicious emails. Here’s an example of such an attack.
Phishers are sending out emails that carry the subject line “You have new message waiting in your Inbox Folder.”
“Dear Value Customer, You have new message waiting in your Inbox Folder. Click here to read,” the emails that purport to come from the NatWest Bank Security Department Team read.
However, the links don’t point to the NatWest site, but to a phishing page hosted on a compromised website.
The malicious site looks similar to the official one. However, it doesn’t use an HTTPS connection, which is a clear indicator of a scam.
On the phishing page, victims are asked to hand over their credit card services, username, Internet PIN, password, email address and email account password. Once the information is handed over, users are transferred to the genuine NatWest site.
Unfortunately, at the time of writing, the phishing page is still live.
If you’re a victim of this scam, change your passwords and contact NatWest to let them know that your account might have been compromised.
To avoid falling victim, don’t click on links contained in suspicious emails. Financial institutions will not ask you for passwords or PINs in order to “confirm your account” or for “security updates.”
Also refrain from opening files attached to unsolicited emails, regardless of how legitimate they look.
Finally, make sure an antivirus program is running on your computer and that all your applications, including Java, Flash and Adobe Reader, are always kept up to date.
This isn’t the first time such phishing emails are spotted. Around one year ago, similar notifications were making the rounds, but at that time, they targeted Bank of Scotland’s Intelligent Finance customers.