Absa issues phishing scam avoidance tips

g-d-zilla

Well-Known Member
Joined
Jun 20, 2008
Messages
277
They're just waking up to this now. Standard Bank had its turn a few months ago, then FNB, now ABSA. Guess Nedbank will be attacked soon too. Never ever open or click on any e-mail message supposedly from the bank requesting info especially account number or password. Just delete it. The "security software" from FNB is a waste of time because it is visible all the time and checks each and every load of every DLL, echoing output to the screen and really slowing everything down.
 

gregmcc

Honorary Master
Joined
Jun 29, 2006
Messages
23,599
They must have been living in a cave for the past years. This is old news. Nothing to see...move along.
 

superskully

Expert Member
Joined
Aug 11, 2009
Messages
2,432
Actually Absa has had this on their website for a long long time now. Dont know why MyBB is posting this now. Could be an additional warning for the festive period.
 

davemc

Executive Member
Joined
Apr 8, 2009
Messages
6,518
Absa Boardroom 4435 - Made completely out of marble, covered with the finest quality imported velvet and leather:
Morning people, welcome to the weekly meeting.
Do we have any marketing activities going on to validate our excessive fee structures?
None at all? I cannot believe that. Surely there has to be something.
Okay people, go out and find valid stuff to spend marketing money on, otherwise we will struggle to validate our budget for next month.
 

das Toktokken

Honorary Master
Joined
Jul 18, 2008
Messages
54,006
The latest and increasingly sophisticated phishing techniques are presented in a way that make them look really authentic. “At times, these emails fraudulently duplicate the bank’s logos and use content snippets from the financial institution’s official website. All of this is geared towards deceiving unsuspecting victims into divulging their logon, security and other banking details that could be used to compromise their bank accounts.
HAHAHAHAHAHAHA!
Perhaps that's considered sophisticated to a bank executive?
Some of us dont fall for the marketing stuff y'know.
 

Bluray

Senior Member
Joined
Nov 1, 2010
Messages
771
They're just waking up to this now. Standard Bank had its turn a few months ago, then FNB, now ABSA. Guess Nedbank will be attacked soon too. Never ever open or click on any e-mail message supposedly from the bank requesting info especially account number or password. Just delete it. The "security software" from FNB is a waste of time because it is visible all the time and checks each and every load of every DLL, echoing output to the screen and really slowing everything down.
Opening these links from an email on a BlackBerry actually shows you the link you're going to open. It clearly shows it's not a supposed banking institute link.
 

Gimaru

Well-Known Member
Joined
Jun 14, 2006
Messages
443
Why do I get phising mails from @absa.co.za e-mail addresses? And Absa does nothing about it?
 

davemc

Executive Member
Joined
Apr 8, 2009
Messages
6,518
Why do I get phising mails from @absa.co.za e-mail addresses? And Absa does nothing about it?
I can send you and email right now from my little PC that will list the from address as "yummy@peanutbuttersammich.co.eek".
i.e. Absa don't get to dictate the internet SMTP protocols, which are quite easy to masquerade.
 

cpu.

Executive Member
Joined
Jun 23, 2010
Messages
5,115
Why do I get phising mails from @absa.co.za e-mail addresses? And Absa does nothing about it?

It's easy to fake the from address. But if you look closely - like in Gmail - you will see "where" it's from and where it's really from. In Outlook you don't even have to search it's clearly shown as 2 addresses (if I remember correctly).

It's the same as your spam folder full of "me" emails, supposedly send by you to yourself.
 

PsyWulf

Honorary Master
Joined
Nov 22, 2006
Messages
12,527
SMTP 101:

Connect to email server
Email server asks what the sender email address is - You reply with fake address
Email server asks what the distination address is - Fill in destination
Send email content
Goodbye

And you receive a mail from santa@thenorthpole.cold

SMTP is baseline very trusting,it ballooned insanely since inception. There is a few technology drives to try tighten the loose screws of SMTP with stuff like the Sender Policy Framework and RBLs but it's yet to be fully implemented everywhere,1 weak link in the chain and it breaks
 

milomak

Honorary Master
Joined
May 23, 2007
Messages
12,564
HAHAHAHAHAHAHA!
Perhaps that's considered sophisticated to a bank executive?
Some of us dont fall for the marketing stuff y'know.

tbf it is highly sophisticated when you look at it from the point of view of your normal consumer. of which there are far more than the people you will find on mybb. it is why the phishing sites work.
 

j4ck455

Executive Member
Joined
Jan 2, 2006
Messages
6,817
“Under no circumstances should customers click on links provided in these emails because these will take customers to a hoax scam site or pop-up window that resembles the bank’s official website.

“One way of avoiding this is for customers to ‘manually’ type their bank’s official website address into the browser address bar, rather than following links embedded into phishing emails,” advises Vrey.

Most users of the interwebz don't know what the address bar is and what to do with it and will Google for the site they want including googling for Google itself. The solution would be to have an IQ test that weeds out people who should not be allowed to use the interwebz.
 

das Toktokken

Honorary Master
Joined
Jul 18, 2008
Messages
54,006
tbf it is highly sophisticated when you look at it from the point of view of your normal consumer. of which there are far more than the people you will find on mybb. it is why the phishing sites work.

It's as sophisticated as walking around with a fake letterhead when you think about it. The average internet connected consumer will even understand this. The problem is that they are lazy and gullible. People won't hesitate to phone their bank first if they got a fake letter in the post asking for their banking details, but somehow they are apt to click a bad link without confirming it. It's not a question of technology, it's a question of savvy and too many people dont have it.
 

milomak

Honorary Master
Joined
May 23, 2007
Messages
12,564
It's as sophisticated as walking around with a fake letterhead when you think about it. The average internet connected consumer will even understand this. The problem is that they are lazy and gullible. People won't hesitate to phone their bank first if they got a fake letter in the post asking for their banking details, but somehow they are apt to click a bad link without confirming it. It's not a question of technology, it's a question of savvy and too many people dont have it.

that's the point. the more authentic looking the letterhead, the more likely the gullible will fall for that letter.
 
Top