[shodan]

I reckon so! Looks extremely convincing, but I just don't think that a bank would do business that way.


Nationwide Logo Proud to be different

Dear Valued Customer


Nationwide Building Society has developed industry-leading models to review every transaction and help detect suspicious activity. Our Fraud Investigation Team has recently Upgrade Their Service to enable a faster and secure internet banking for Nationwide Building Society account.

Due to this recent upgrade,All Customers are advised to quickly Update their internet banking information.

However, failure this will result in account suspension
Once you have updated your account records, your Online session will not be interrupted and will continue as normal.

To Get Started,Please Click On

http://www.nationwide.co.uk/update.html

This email was sent by the Narionwide Online server to verify your e-mail address. This is done for your protection , because some of our members will no longer have access to their online banking and we must verify it.

Nationwide Building Society
Security Advisor
Nationwide PLC.

Please do not reply to this e-mail. Mail sent to this address cannot be answered.
HSBC Email ID # 1289

[Elmer]

Yup the usual phishing emails

If you get something suspicious in an email that your not sure of, just take a section of the email that readily identifies it and put it into google, for example on this one I copied and pasted Nationwide Building Society has developed industry-leading models to review into google and the first website that the search came up with shows that it's a scam, see link below.

http://www.millersmiles.co.uk/report/2965

Yes your right a bank or building society would never send you an email asking you to click on a link and enter your details.

[krish]

I suspect the true hyperlink was not in fact http://www.nationwide.co.uk/update.html (just like what I've done here )

Typical phishing email spam; I get loads

I am presuming you've copied and pasted here... quite a few spelling mistakes and grammatical errors, so not really convincing

Finally, banks/building societies do not email customers with a link to login and "Update their internet banking information" - oldest trick in the book



EDIT... btw Nationwide's not a PLC (i.e. bank), its a building society (a mutual); and why does it say HSBC at the bottom ??? - amateurs!!!

[GBDG1]

The real give away is "if you do not do this your account will be suspended"... typical example of pushing your luck...

[partyweb]

I've had that email and I don't even have an account with them.

[Knyght_byte]

the spelling mistakes do it for me everytime....Narionwide...lol

but likewise the 'your account will be suspended' type remarks just stink of 'we are trying to scare you'...lol

why would a bank suspend an account for this reason? they wouldnt.......they might prevent any further unauthorised transactions till you get in touch with them perhaps.....but thats all....certainly not suspend it..lol

[partyweb]

And what about those customers who don't give their bank an email address (or even have one )

[Knyght_byte]

Quote:

Originally Posted by partyweb

And what about those customers who don't give their bank an email address (or even have one )

i guess if they dont have an email address then they dont get the spam in the first place

[Reign-Mack]

[Rygar]

I would ignore/delete after reading the first line "Dear Valued Customer"

Banks etc tend to know the actual name of their customers, and use them in any correspondence with them.

As others have pointed out the rest of the letter is filled with spelling/grammatical errors.

As phishing emails go, this one is very poor by comparison to others I have seen. The scary part is though, it is good enough to convince many people that it's genuine. These scumbags only need a few people to believe it and they're quids in.

[IronGiant]

We online bank with Nationwide and haven't received it or anything like it. It's a fake.

Dave

[Greg]

I'm sure most people know this by now but banks or building societies will never send you an email asking you to click a link to update your bank details. They will never do it, so if you ever get an email claiming to be from a bank with a link to click, just delete it. If unsure, just log into your account in the normal way and see if there are any messages rather than clicking a link in an email.

[Pat_C]

I sometimes go into these fake sites (you have to be quick, before they are removed) and enter fake details just to waste a little of their time.

[Steven]

I bank online with Natwest, but I think across all banks you never give an email out and all initial setting up is done in sperate letters, as in my case?

[mjn]

Why would a Nationwide e-mail have a HSBC e-mail #ID?

ROFL

[krish]

Quote:

Originally Posted by Pat_C

I sometimes go into these fake sites (you have to be quick, before they are removed) and enter fake details just to waste a little of their time.

not necessarily a good idea, athough I support your sentiment
- you never know what nasties might might be installing themselves in the background while you are on their fake site... so that next time you do some genuine online banking (that's not rhyming slang btw ) or other https login your keystrokes might be recorded and sent to these dastardly cybercrims

[krish]

further to describing keylogging in my post above
I have just read this related news:
[FONT="Comic Sans MS"]Risk to 3m HSBC web accounts
www.thisismoney.co.uk/news/article.html?in_article_id=411576[/FONT]

[mjn]

Quote:

Originally Posted by krish72

further to describing keylogging in my post above
I have just read this related news:
[FONT="Comic Sans MS"]Risk to 3m HSBC web accounts
www.thisismoney.co.uk/news/article.html?in_article_id=411576[/FONT]

I bank with HSBC online, and don't think the risk is as high as they make out, in fact i'd say its very low. I'd like to see the computer geeks at Cardiff prove their point.

[Pat_C]

Quote:

Originally Posted by krish72

not necessarily a good idea, athough I support your sentiment
- you never know what nasties might might be installing themselves in the background while you are on their fake site... so that next time you do some genuine online banking (that's not rhyming slang btw ) or other https login your keystrokes might be recorded and sent to these dastardly cybercrims

A fair point for PC users perhaps, but I only use Macs. I've never heard of keylogging software being installed on a Mac, although I'm sure it is technically possible.

[mjn]

Quote:

Originally Posted by Pat_C

A fair point for PC users perhaps, but I only use Macs. I've never heard of keylogging software being installed on a Mac, although I'm sure it is technically possible.

Keylogging devices don't have to be software, they can be hardware as well.

Quote:

Originally Posted by mjn

Why would a Nationwide e-mail have a HSBC e-mail #ID?

ROFL

I hear there are people, general public who scurry around where there is a certain supermarket looking for drop till receipts looking ones where lots of money have been spent going in with there nectar card saying this is theres they forgot to bring it in when they shopped were told they could have the points put on next time they bought there cards in.