An email supposedly coming from UK retail bank Lloyds TSB is doing rounds, trying to trick recipients into following the embedded link to a malicious page:
The email claims that the bank is setting up new online banking authentication procedures, and urges clients to confirm their banking details, warning that they will not be able to access their accounts if they do not do this.
“Bank customers who are fooled by the fake email and click the email link will first be taken to a bogus webpage and asked to enter their bank login details. The page is designed by its criminal creators to closely mimic the real Lloyds TSB login page,” Hoax-Slayer warns.
“Once victims have logged in on the fake page, they will then be presented with an account confirmation form hosted on a second fake page that asks for name, address and identification details as well as credit card and banking information. If victims provide all of the requested information and hit the “submit” button, they will then receive a final message informing them that their account confirmation has been successfully completed.”
Unfortunately, all the information that has been entered is sent directly into the hands of the criminals behind this phishing scheme.
Never to follow links embedded in unsolicited emails – no matter how legitimate they look. If advised in the email to log into an online account and perform an action, it’s always best to type in the URL of the login page directly into the browser’s address bar and continue from there.