NatWest banking scam hits UK online banking clients
Posted on 09 October 2012.
Bitdefender detected a new scam where criminals pretending to be from NatWest bank are attempting to steal customers’ credentials by circulating a fake satisfaction survey via e-mail. This follows the recent announcement that the NatWest ‘Get Cash’ app was suspended after abuse by fraudsters.

The fake NatWest customer satisfaction survey is currently flooding UK inboxes and comes from an e-mail address which resembles the authentic NatWest address. In a twist from past fraud campaigns, the scammers use the promise of a reward as bait, instead of a warning to urgently change passwords.

NatWest clients are told they have won a £100 gift certificate, which they will receive after completing a form. Clicking on the link included in the message takes users to a phishing page that asks for usernames and passwords. By giving away their credentials, and then their banking and credit card details to receive the reward, clients fall victim to credit card fraud or identity theft.

“Bank phishing is successful because it deals directly with the subject of cash – a subject that creates panic, joy or other strong emotions in users’ minds,” said Bitdefender Chief Security Strategist Catalin Cosoi. “An attack such as this one can spread like wildfire through a spam campaign. When users read they have won a reward or they will have their accounts deleted in 24 hours, many forget caution, and hastily give away personal details.”

To stay safe from phishing attacks, users shouldn’t click on links allegedly e-mailed from their bank or give away information until they check it’s a secured web page of the authentic financial institution.


More than 900 embedded devices share hard-coded certs, SSH host keys

SEC Consult analyzed firmware images of more than 4000 embedded devices of over 70 vendors and found that, in some cases, there are nearly half a million devices on the web using the same certificate.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Nov 26th