High volume banking spam purporting to be from FNB

Posted on June 28, 2012

I have received High volume banking spam purporting to be from FNB for the last number of days. The only difference between these messages is the embedded link. Most are just URLs, some though have an x-apple-MSG-load in them.

Message and links below.

From : FNB (ibt@onlinedata.co.za)
Subject : Return on Charges

You are hereby notified that FNB is giving back all accumulated fees on taxable income that have been carried out over a period of one year. This is as a result of the new regulation imposed on banks by SARS. Please note that you have to follow the instructions below to the latter in other to ensure the funds is remitted into your account .

If you have an account with us, Kindly click here now.

© 2012 FirstRand Bank Limited.
An Authorised Financial Services and Credit Provider (NCRCP20). All rights reserved.

I have received 10+ of these a day for the last week or more. I have removed the link from the above so it isn’t live. In the mails the link varies between a number of sites some of which are listed below:
http://sushilcheema.com/charge_deposit_fnb_paid2/index dot php
http://sushilcheema.com/charge_deposit_fnb_pays/index dot php
http://istudymedia.com/charge_deposit_fnb_paid4/index dot php
http://digitalarborist.com/charge_deposit_fnb_pays/index dot php
http://createemailcampaigns.com/charge_deposit_fnb_payee/index dot php

Has anybody else been flooded with these?

Standard Bank phishing attacks

Posted on August 16, 2010

Over the last few weeks I have been getting emails “from” Standard Bank on a regular basis, probably one or two a week. Today I received two more. I am not a Standard Bank customer, so it is immediately obvious that they must be fake. Perhaps a little less so for those who bank with Standard Bank? Both of these mails look a little different, originate from different email addresses, and have slightly different profiles. Standard Bank (or someone) is on the ball (thankfully) as when I tried to follow up on the mails to see how the attacks were working both had been blacklisted with Firefox/Mozilla as phishing sites, and the offending pages had also been removed. There was one a few weeks back that had not yet been blocked at the time I tried to access it, so I have a little more info on that attack, which I will post as an update when I get a chance (probably on only the weekend).

Read the rest of this entry »

Help out an MBA student by completing questionnaire on Phishing

Posted on July 23, 2010

I, RAJAN MUNIEN, an MBA student, at the Graduate School of Business, University of Kwazulu-Natal, hereby invite you to participate in a research project entitled “Internet Phishing – Hook, Line and Hopefully not Sunk…” The aim of this study is to gain a better understanding about online user’s awareness to the problem of Internet Phishing (IP). Through your participation I hope to determine the level of awareness amongst users and to present a strategy in creating further awareness on the problem. The results are intended to contribute towards implementing an awareness programme that will prevent further users from becoming victims to the threat of Internet Phishing. Your participation in this project is voluntary. You may refuse to participate or withdraw from the project at any time with no negative consequence. There will be no monetary gain from participating in this survey group. Confidentiality and anonymity of records identifying you as a participant will be maintained by the Graduate School of Business, UKZN.

If you agree to the above and want to proceed to the questionnaire, please click on the link below. This survey will take you approximately 10 minutes to complete.


If you have questions at any time about the survey or the procedures, you may contact the author hereunder:
Rajan Munien, Cell : 084 – 5800 176, email : rajan.munien@gmail.com

%d bloggers like this: