I am pretty sure that most of you had came across an email saying that there’s fake maybank2u site which is used to “steal” money from you.
Ok this time we have the same thing again, its just that the method is some how different. I’ve got this information from some emails and sharing with you guys.
Here it is shown that when you click the link, these websites will be displayed and if you just entered any username and password (DO NOT ENTER YOUR REAL USERNAME & PASSWORD) and also any TAC it will still move to the next page without notifying you had entered wrong login codes. If you enter the real username and password, they will used them to login to your account.
The best is in the last PAGE where they do not advise you to check on your account until 5.45pm, so that they got the time to CLEAR all your money.
Just becareful as you login into any sites which requires your personal information such as passwords, credit card numbers with the 3 digit securite code or your internet banking credentials. Its very bad to cheat others money using easy way, but its too lame to lose the money in this way too. Please be extra cautious.
p/s: at this time of blogging, i tried to access the given link but it returns page not found. perhaps the Authority had rectified the issue and blocked the site.
Vicky,
I’m sorry to say that there are so many IT professionals in this world who are basically BIGTIME idiots. When a bank sends you an email, it would originate from the bank’s website (blablabla@maybank2u.com or blablabla@publicbank.com.my or even blablabla@barclays.co.uk) not any other sites like how you have shown. This is basically a kind of phishing method. The best way to spot this looking for the server header. In most email programs, there is an option to show headers. From there, u may ascertain that whether the email is real or fake.
Thanx for the informative mail. Its nice to see a sort of update in phishing sites. More detailing for my MSc paper
From what I see from the post, there are 2 obvious fraud.
1. The URL is not directing to maybank2u.com.my.
2. Maybank2u has changed their Interface. And the fraud site is still using the old one.
For those who unsure, do check the URL before clicking it. Even if, you didn’t enter your details but there is chances that the website will install virus into your computer.
agreed!! evennif the IT ppl are not aware of this, how could the non IT savvy can be more alert. I guess its gonnabe a threat to those whom always paranoia about e-commerce and internet banking.
the previous attempt was they had a one way mirror kinda thing and it masked the URL to the real one and it does only appear to be dfrent URL after the victim input the credentials.
“Precaution better than cure”…..Better way to keep alert from Internet thieves,nice post.