Nedbank Email Scam

[Dean]

Just received the email below, obviously it's a scam.

If you receive it, don't click any of the links.

Cheers
--------------------------------------------------------------------------------------------------------

---------------------------- Original Message ----------------------------
Subject: Account Important Notice!!!
From: "Ned Bank" <info@ned.com>
Date: Thu, April 15, 2010 11:26
To: undisclosed-recipients:;
--------------------------------------------------------------------------



Dear Valued Customer.

Additional security on our website bring unity and combined strength to
our commitment to provide exceptional banking in the SA,

it's strongly required that you should Validate your logon and security
Details.

Validate account
login
This email was sent automatically please do not
respond

 

[ld13]

PM me the links please...

 

[ic]

IP address that it was sent from [in the email's headers]?

 

[ld13]

IP address that it was sent from [in the email's headers]?

Hopefully it ain't from a [SA Webhost] ... pain in the behind to get [SA Webhost] to do anything about things like these it seems. Sitting with a case at the moment. Clearly sent from a WA smtp server etc etc - "gimme ISPA take-down request kthxbye" ... Afrihost also not being exactly helpful at the moment :/ meh - I've had international webhosts take-down multiple domains within minutes of me reporting the spam/scam/et al. Here in good old Africa I need to wait 3 days alone just for ISPA to process my request. But I'm going a tad bit OT now...

 

[francoislr]

Does nedbank send OTP's to you to like fnb does? If they do, one should inform them that people are trying to scam their customers and they should include a warning about it in the otp sms. will save them a lot of face.

 

[MrMag]

I received one don't even bank with nedbank? would like to know how they got my MWEB email address?
The Logon key button on the email if you hover the mouse pointer over it you get a WEB address as follows http:/blondin***su.com with some other code showing nedbank I also received another email same layout with another WEB address http:/www2.allaboutphilly.com easy to see if you do press the button it will goto a ficticous site resembling Nedbank where they will capture all your details when you enter them.

Be very careful and ignore the email those who have accounts !!! YOU HAVE BEEN WARNED !!!

 

[ITCynic]

I enjoy these bank phishing e-mails, I visit the site and fill in all the blocks with swear words (I have adequate anti-virus/malware/firewalls in place though)

Sure adds garbage to the "phisherman" database

 

[Dean]

Does nedbank send OTP's to you to like fnb does? If they do, one should inform them that people are trying to scam their customers and they should include a warning about it in the otp sms. will save them a lot of face.

I don't know, but for a company that doesn't have a clearly visible email address contact on their website - that can be found with less than 5 minutes of searching, I don't really care about saving them any face.

Would have forwarded them the email the second I got it, but I refuse to give them everything up to my full medical history just to use their Contact Us form.
Seriously Nedbank - F.off.

 

[ic]

I don't know, but for a company that doesn't have a clearly visible email address contact on their website - that can be found with less than 5 minutes of searching, I don't really care about saving them any face.

Would have forwarded them the email the second I got it, but I refuse to give them everything up to my full medical history just to use their Contact Us form.
Seriously Nedbank - F.off.

Here ye go:

And another oneVCD, please check your email - forwarded...

Also forwarded that to phishing@nedbank.co.za.

<added></added>

 

[d7e7r7]

Received a similar scam this time targeting Standard Bank customers. See here:http://mybroadband.co.za/vb/showthread.php?228909-Standard-bank-email-scam

 

[Dean]

I got that same one too

 

[bdt]

Here ya go:

Return-path: <ib@nedbank.co.za>
Envelope-to: [xyz]
Delivery-date: Fri, 30 Apr 2010 14:14:07 +0200
Received: from caiajhbihbdd.dreamhost.com ([208.97.187.133]:38674 helo=webmail5.g.dreamhost.com)
by [my.host.mailserver] with esmtp (Exim 4.69)
(envelope-from <ib@nedbank.co.za>)
id 1O7p6d-0001yG-GJ
for xyz; Fri, 30 Apr 2010 14:14:07 +0200
Received: by webmail5.g.dreamhost.com (Postfix, from userid 999)
id 58BCA15C3C4; Fri, 30 Apr 2010 05:13:50 -0700 (PDT)
To: undisclosed-recipients:;
Subject: Update Your Account
MIME-Version: 1.0
Date: Fri, 30 Apr 2010 05:13:50 -0700
From: Ned Bank <ib@nedbank.co.za>
Reply-To: ib@nedbank.co.za
Message-ID: <06991c9febc709e75d758e413d8410ff@localhost>
X-Sender: ib@nedbank.co.za
User-Agent: RoundCube Webmail/0.2-stable
Content-Type: multipart/alternative;
boundary="=_75561625d4ba879294826c0516a817ba"
X-Spam-Status: No, score=3.0
X-Spam-Score: 30
X-Spam-Bar: +++
X-Spam-Flag: NO
X-EsetId: D463AF2972B26869CB65AF7D79E324