Phishing Attack through E-MAIL, UK NATWEST CUSTOMERS BE WARNED!!!

k2k koos

macrumors 6502a
Original poster
Hello all, I've just been the victim of a phishing attack, through an e-mail received, using my default mail software MAIL.

It is a scam, pretending to be from NATWEST BANK. below is how it looks:

Do not respond to this, I had £8000,- stolen from my account because I was stupid enough to respond... , and brought be deep in debt with the bank. They are working on it, and will pay back, but this will save you from going through the same ordeal. Oh yeah, it is a certain mr S Marshall with a Halifax (bank) bank account that the money went to. so mr S Marshall (if that is your real name) we are after you! :apple:

It looks completely legit (I wasn't able to capture the entire screen), has all the animated advertising you'd normally find on their site, but be warned (and I learned a hard lesson), the natwest bank NEVER EVER sends you e-mails like this, if you receive it, report it, and call your bank so they can deal with it.
 

Attachments


wasimyaqoob

macrumors 6502a
Dec 23, 2005
577
1
London, England.
Perhaps where it says "Costumer" needs would of made you thought a MAJOR HIGH STREET BANK would not spell something like Customer wrong - However, just my opinion.

I'm very very sorry to hear about your loss, but i'm happy that your getting your money back :)

Thanks for letting us know though - Appreciate it!
 

skunk

macrumors G4
Jun 29, 2002
11,745
4,009
Republic of Ukistan
I do not wish to be unkind, and I hope you get your money back, but surely by now few people are taken in by this? You should NEVER click on ANY link in anything like this which is not addressed to you PERSONALLY. Certainly no online "secure" service will EVER ask you for your details except in the course of a transaction.

I regularly get emails purportedly from eBay, PayPal, Barclays, NatWest and others, none of which is genuine. Usually you only have to check the sender's address.

Good luck.
 

Applespider

macrumors G4
No bank will ever send you anything like this... and most of them have been telling their customers that for several years.

It does look very like the Natwest site so has probably fooled a few. The language in the message is a little stilted and odd which probably would have set alarm bells ringing in my mind.

Good luck in getting your cash back...
 

k2k koos

macrumors 6502a
Original poster
Yes agreed. And I actually reported it straight away, but I had a busy day, was tired, and overlooked the details, and spelling errors.... It wasn't until I came to the page on the website (which appears after you log in with NatWest, a bit strange) that warns of scams, that alarmed me, but by that time I had already 'logged' in to a false site...... I forwarded it none the less to the fraud department, which did not reply, and I discovered money stolen from the account two days later......:apple:
 

Cromulent

macrumors 603
Oct 2, 2006
6,034
35
The Land of Hope and Glory
No bank will ever send you anything like this... and most of them have been telling their customers that for several years.

It does look very like the Natwest site so has probably fooled a few. The language in the message is a little stilted and odd which probably would have set alarm bells ringing in my mind.

Good luck in getting your cash back...
It is very poorly written. Never, ever trust anything from a bank or other service. Never click on any links, if it asks you to log into your account close your e-mail program and type the URL of your bank website in BY HAND and then you can be sure that you are going to the right website.
 

k2k koos

macrumors 6502a
Original poster
I do not wish to be unkind, and I hope you get your money back, but surely by now few people are taken in by this? You should NEVER click on ANY link in anything like this which is not addressed to you PERSONALLY. Certainly no online "secure" service will EVER ask you for your details except in the course of a transaction.

I regularly get emails purportedly from eBay, PayPal, Barclays, NatWest and others, none of which is genuine. Usually you only have to check the sender's address.

Good luck.
thanks, I do not feel offended. I wasn't thinking straight that day, and it caught me of guard. And that's exactly how these criminals prey on you, I'm sure there are a few more that fell for it. When trying to contact the fraud department of the bank, it was very hard to get through to them....:apple:
 

OllyW

Moderator
Staff member
Oct 11, 2005
16,748
6,366
The Black Country, England
I got that a few days ago, it went straight into Junk Mail though.

No UK bank will ever ask you to log-on straight from an email link, they always ask you to go through their home page.

Also, if you hold the mouse pointer over the link it shows an address that is nothing to do with Nat West and isn't even a secure web page.

I hope you can get your money back but it isn't the fault of Nat West, so don't expect them to refund you. Your best hope is if they can catch the scammer.
 

Queso

Suspended
Mar 4, 2006
11,832
7
Cheers for spreading this warning. If it prevents one person here from falling for it you've done them a great service. I hope it all works out, although I suspect this S Marshall's account has also been hijacked for the purposes of laundering.
 

arkitect

macrumors 603
Sep 5, 2005
5,913
5,482
Bath, United Kingdom
I hope you can get your money back but it isn't the fault of Nat West, so don't expect them to refund you. Your best hope is if they can catch the scammer.
When you login to Natwest's Internet banking they display a prominent warning about recent phishing mail… So I expect NatWest would not be liable…

Live and learn… :(:eek:
 

OllyW

Moderator
Staff member
Oct 11, 2005
16,748
6,366
The Black Country, England
Hopefully, because you reported it straight away and NatWest didn't close the account and allowed the money be withdrawn, they might accept responsibility and compensate you?
 

clevin

macrumors G3
Aug 6, 2006
9,097
1
at this very time, I would strongly suggest Mozilla Thunderbird email client to you.

no matter how legit the email looks like, as long as its hidden link's address is suspecious, Thunderbird will pop-up a waning panel when you click it, and ask you if you really want to visit "http://www.xxxx.com (phishing address.)"

Thunderbird can be downloaded from www.mozilla.com

Im very sorry for your loss, hopefully they will investigate the situation and minimum your loss. This is indeed a very unfortunate event.
 

k2k koos

macrumors 6502a
Original poster
When you login to Natwest's Internet banking they display a prominent warning about recent phishing mail… So I expect NatWest would not be liable…

Live and learn… :(:eek:
Just came of the phone with the bank, they WILL refund, that's what they have an insurance for, in return I will have to cooperate with any possible police investigation into the matter.

As for the above warning, that appears AFTER you log in, it should be before you log in, as in my case I logged in (to the bogus site) and got the same warning, ooooopssssssssss:apple:
 

k2k koos

macrumors 6502a
Original poster
at this very time, I would strongly suggest Mozilla Thunderbird email client to you.

no matter how legit the email looks like, as long as its hidden link's address is suspecious, Thunderbird will pop-up a waning panel when you click it, and ask you if you really want to visit "http://www.xxxx.com (phishing address.)"

Thunderbird can be downloaded from www.mozilla.com

Im very sorry for your loss, hopefully they will investigate the situation and minimum your loss. This is indeed a very unfortunate event.
thank you for the link , will try this out :)
 

k2k koos

macrumors 6502a
Original poster
Hopefully, because you reported it straight away and NatWest didn't close the account and allowed the money be withdrawn, they might accept responsibility and compensate you?
Yes, they will refund it, it may take a few days to investigate and process, but they will refund, and even take the interest and costs for this as theirs.
I have to say, that I am very happy with the service they provide in this matter.:apple:
 

k2k koos

macrumors 6502a
Original poster
Do people seriously still fall for these?

Jeeees.
yes, eventhough I am usually very much on my guard, and thought I'd never fall for it, an unguarded moment, and a little too much haste (try screaming kids bugging you at the same time , too many other distractions etc) was all it took, so let my experience be a lesson and warning to all, you can never be too careful, and also do never think it will never happen to me (I did), something may 'bite' you when you least expect it....:apple:
 

rdowns

macrumors Penryn
Jul 11, 2003
27,345
12,409
To repeat what several others have said, NO BANK OR COMPANY you deal with will EVER send an email like that.

As a rule, you should never click links in an email to log into any secure account. Do it from your browser so you are sure of where you are going.

And yes, people fall for this all the time. That's why they are sent.

My company has people on a recurring payments via credit card. You'd be amazed how many people email us with credit card numbers, social security numbers (which we never ask for or use) and other personal information. Scary.
 

andiwm2003

macrumors 601
Mar 29, 2004
4,334
384
Boston, MA
got similar phishing mails for my german bank account for a while. called my bank to notify them about the problem and they sent out warning emails. sad thing is they never get the criminals. i'm glad you get your money back.

they really should sent the people who do this to jail for life. if they ever get them.
 

Doylem

macrumors 68040
Dec 30, 2006
3,858
3,640
Wherever I hang my hat...
We're all suscepible to scammers. If we're wise to this kind of stuff, then we may go for something amazingly cheap on eBay... or some other offer that appeals to our greed and love of a bargain.

Scammers and spammers know that 95% of internet-users are never going to divulge their details to a fake website, but that 5% offers plenty of potential. And every day there people getting online, reading these spoof emails for the first time...