Smile Online Banking - Fraud attempt?

  [DELETED] 17:55 06 Oct 2003
Locked

Have had this email sent to me:

____


Dear Valued Customer,


- Our new security system will help you to avoid
frequently fraud transactions and to keep your
deposited funds in safety.


- Due to technical update we recommend you to
reactivate your account.


Click on the link below to login and begin using
your updated Smile banking account.
To log into your account, please visit the Smile
website at:


click here


To review your statement, log into your Smile banking account and click the eStatements & eNotices button in the left navigation of your Account Summary page. Your new statement is listed in the left navigation of the page.

If you have questions about your online statement, please send us a Bank Mail or call us at 0845 072 1112.

We appreciate your business. It's truly our
pleasure to serve you.

Smile Bank Customer Care

This email is for notification only. To contact us, please log into your account and send a Bank Mail.

____

It was sent to an email account that has NEVER been used for any smile products.

Any suggestions?

Have instructed the person who did get it (my father) not to do anything with it. As I'm the only one in the famly with a smile account and a little bit wary of what is going on.

  [DELETED] 18:00 06 Oct 2003

Have you tried calling on the number given AND a number you know to be genuine?

  [DELETED] 18:02 06 Oct 2003

nah i'm not that worried :)

I've just sent smile.co.uk a secure email via my normal website login.

You can get to the URL given in the email from their smile.co.uk site so it may be genuine. However it was sent to an 'unused' email.

  Forum Editor 18:42 06 Oct 2003

is always to enter a false login, and then to investigate the failed login page.

If there isn't one you can be pretty sure there's somthing fishy going on. In this case the failed login procedure is absolutely right, and the asp page that appears in the login path is genuine. The chances that your average criminal would know enough to be able to fake things to that degree are slim I think.

  [DELETED] 19:06 06 Oct 2003

an interesting approach - hadn't thought of that one. My trick was to do a WHOIS lookup on the domain you ended up at. That looked genuine!

  [DELETED] 23:01 06 Oct 2003

Just checked and had this response from Smile:

I can confirm that the message you received is not a genuine smile message. Smile wouldn't contact our customers in this way.

We are aware of this problem and are trying to get the site shut down.

Please don't reply to the message, if you already have done please give us a ring and we'll update your security for you. You're not at risk. Non-smile customers have been getting the same message so the inly information they have on you is your e-mail address.

Thanks for informing us.

Sophie

  [DELETED] 08:16 07 Oct 2003

Am i correct, the site was a fraud?

It looked OK to the FE and the whois query looked genuine....

Be carefull out there!!!!

Kitz E Kat

  [DELETED] 08:31 07 Oct 2003

Couldn't say if it was a fraud or not. What I do know is that Smile didn't send the email and say (like most banks) they never would do.

You are right, people do need to be very careful out there.

Remember:

1) You will never be asked for your password in an email.

2) If you use secure sites (banks or not) then always visit them by typing a URL into your address bar and NOT using the link from an email. That way you know you are going in the right and proper way.

  [DELETED] 08:35 07 Oct 2003

The 128 bit SSL certificate info says

CN = click here
OU = Shared Services
O = Fidelity Investments Limited
L = Hildenborough
S = Kent
C = GB

  [DELETED] 08:37 07 Oct 2003

Does that tell you anything?

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Microsoft Surface Book 2 15in review

Illustrator Amy Grimes on how setting up her own eco-brand led to success with clients too

MacBook Pro keyboard issues and other problems

Test : l’enceinte connectée HomePod d’Apple