I received a Maybank2U phishing email trying to get my user name, password and even the TAC code. Not that I have a lot of money inside my bank account. With the money in my bank account, I think it is just enough for you to go and buy some sweets. Yes, that is how poor I am. Heck, take the account if you wanted to but on a second thought, better NOT for security reasons.
Now, what is phishing you may ask. Phishing is the illegal deceptive process of trying to get confidential or private information such as the user name, password, financial details by commonly masquerading as established institutions or even trustworthy websites.
The most common phishing method is by e-mail which prompts users to click on a fake link that brings the user to a fake website in order to get sensitive or private information. It is surprising that even until now with all those phishing alerts, people are still getting scammed. You now basically know what is phishing, back to the focus of the topic. I am going to show you all an example of phishing email and also how to detect phishing attempt.
As I was saying earlier, I received an email from Maybank2U that asks for my user name and password. Maybank2U is an online portal of Maybank, a bank based in Malaysia if you don't know yet. Being the skeptical person I am, me spidey sense kicks into action and upon inspection found out that the email is not legitimate and is a phishing attempt.
Hidden link/illegitimate link
Copy and Paste into new browser
No, such link exists
Hidden link/illegitimate linkAlways remember to not click links on emails. If you are really unsure then you can always copy and paste the link into new browser to access the said link to check. For example, I copied the said link to a new browser and the displayed link does not exists which further reinforce that this email is definitely a phishing attempt.
Copy and Paste into new browserNo, such link existsIn case you are wondering where the link leads to and why is it that a lot of people are still scammed, BenardCometh Revelations take the risk of being scammed by going with the process just for the sake of all readers out there which I am pretty sure is countable by ten fingers on a last count. Am I thoughtful or am I very thoughtful?
Hence, I clicked on the link and another window pop up which at a first glance almost look identical to the real/original Maybank2U website. Oh, the deception. Compare for yourself. The fake and the real in the following easy comparison created by yours truly.
Comparison between fake and real
My User name and password- Note the favicon
Cruky
Comparison between fake and realNote the following favicon as it will be referred later. Favicon is the icon circled in the red circle for the uninitiated.
My User name and password- Note the faviconThen after I click login an error message pops up. Notice that the error message if from cruky and not Maybank2u.
CrukyTo continue read the article click http://benardcometh.blogspot.com/2008/10/maybank2u-phishing-alert.html
No comments:
Post a Comment