Whilst most of us are facing financial crisis at this time, there are others who want to steal all that we have worked for. I woke up this morning to find two scam emails in my inbox. The first, apparently from a bank requesting me to complete a form attachment that includes my security details for PINsenty upgrade, they called it. Below is the email. The email itself has the 'to:' as 'none' and the 'Cc:' as 'recipient not shown'. Some one or some group of people want to take this information for mischievous reasons. Being a victim of scams like this in the past, I knew what I was going in for. After downloading the attachment, the details they are requesting is shown below:
Even the bank will not request such information from you so why do they want it now? Is it a security lapse in the organisation's IT system or is it an insider operation? I tried to investigate further.
When I copied the the domain name and pasted it into my browser, it came out as barciays.co.uk. So someone is playing with 'l' in the Barclays to read as capital 'i'. The web site is shown below:
The website itself looks ok with nothing mischievous. So I wanted to find out who is behind this. Actually, I was able to know who is hosting this domain and the purported owner but due to legal reasons I can not disclose on this blog.
The lesson are straight forward:
- Do not give your security details to anybody including the financial organisation you are dealing with.
- Contact your financial organisation to report any suspicious scam
- The Financial Services Authority has guidance on Staying safe against scams.