Victims are taken to a cleverly designed phishing page

Dec 16, 2013 08:15 GMT

The online services of the Royal Bank of Scotland have recently suffered a couple of outages: one due to a distributed denial-of-service (DDoS) attack, and one due to some technical issues. Shortly after, the financial institution issued an alert to warn users about the possibility of phishing attacks.

As expected, cybercriminals have started sending out phishing emails designed to trick RBS customers into handing over their personal information.

One such email, submitted to millersmiles.co.uk, carries the subject line “Security Precaution.”

“We notice that your online card services has been logged in from a different location ISP server, therefore access to your online card service has been blocked, to re-actviate your account click on the reference link ‘ACTIVATE MY CARD’ and follow the required step,” the message reads.

It continues, “Note: failure to do so will lead to permanent service suspension.”

Of course, the email has nothing to do with RBS. Users who click on the “ACTIVATE MY CARD” link are taken to a hijacked website belonging to a company from Poland.

The website has been set up to host a legitimate-looking RBS phishing page. Here, victims are asked to hand over their credit card services username, PIN, Internet password, email address, and email address password.

Once this information is handed over, the victim is taken to the genuine RBS website.

At the time of writing, Google already flags the malicious page. However, it’s likely that the cybercriminals are using multiple compromised websites in their scheme. That’s why users should be careful if they come across suspicious RBS emails in their inbox.

To ensure that you’re on the legitimate website, check the URL in the browser’s address bar. The login page on the legitimate site is protected by an SSL certificate (indicated by a green bar and the padlock icon).
