Best Viewed With Firefox, Chrome or Safari
Copyright (c) 2006-2016 Coenraad de Beer
Cyber Top Cops - The Cyber Security Experts
Bringing Law and Order to the Cyber World
Copyright © 2006-2016 Coenraad de Beer


About Us Contact Us Support Us
Custom Search
Bookmark and Share RSS Feeds

 

Halifax Phishing Scams

PLEASE NOTE: Halifax is not responsible for these e-mail scams. Organisations and individuals, pretending to be Halifax, initiate them. All trademarks and related logos are either trademarks or registered trademarks of their respective owners, or their licensors. Cyber Top Cops is in no way affiliated with Halifax. The "Received From" e-mail address mentioned for each e-mail on this page, is a spoofed e-mail address and is not the true origin of the scam e-mail.

Date: 19 September 2007
Received from "Halifax Internet Banking" <customer_support_reference_62vji@halifax-online.co.uk>
Subject: Halifax UK Official Information
Bcc: <Several variants of the recipient's e-mail address>

Halifax Plc

Dear Halifax UK user!

Our Maintenance Division is performing an arranged Electronic Banking Service update

By clicking on the link below please begin the procedure of the user details update:

http://www.halifax-online.co.uk.session00746/confirm/_mem_bin/formslogin.asp.htm?portal=30kLjyveLjyveLadrzveDtcwhhOkhOvp

These directives are to be e-mailed and followed by all users of the Halifax Group

Halifax Banking Service does apologize for the problems caused to you, and is very appreciative for your cooperation.

If you are not client of Halifax Plc please ignore this email!

***** This is an automated message, please do not respond *****

© 2007 Halifax Online Service. All Rights Reserved.

Another phishing scam, created by a bunch of amateur scammers. The layout and formatting of this e-mail is similar to phishing scams like the Royal Bank Of Scotland phishing e-mails.

First of all they sent this e-mail to a whole bunch of people through the Bcc field, but during the spoofing process they messed up the e-mail header so bad, that the Bcc field, which was supposed to be a "Blind Carbon Copy", became visible to the recipient of the e-mail. Just ask yourself the question, if a bank ever had to send you an important e-mail, why would they Bcc several other recipients with a "highly confidential" e-mail?

Secondly, they messed up the anchor text of the phishing link. The top-level domain of the link in the example above is session00746, without a domain suffix. We're afraid that "session00746" is not the top-level domain of Halifax, so just by looking at the link you can already tell that the e-mail is a fraud.

Finally they end the e-mail with the line "If you are not client of Halifax Plc please ignore this email!". Why would Halifax send e-mails like this to people who are not their clients? The answer is simple, no professional institution will include ridiculous statements like these in their e-mails, not even to speak of sending e-mails to people who are not even their clients.


Date: 15 August 2007
Received from "Halifax Security Department" <onlineservice@Halifax.co.uk>
Subject: Account Update Notification

IMPORTANT SECURITY ALERT


Please note that our system recently noted that your attemption of signing on to your
account was failed while some errors occured during the processing update of your online
account you are having with our bank so we temproarily locked your online account for
security reasons..

We hereby notify you that you should kindly follow below link to update and unlock your
online account for your security safety ensured by our financial insititution.

CLICK HERE TO UNLOCK AND UPDATE YOUR ACCOUNT

Thank you for your prompt attention to this matter. Please understand that this is a
security measure meant to help protect you and your account.

We apologize for any inconvenience.

If you choose to ignore our request, your account may leads to be temporarily suspended


Investment Fund Managers Limited, Halifax Life Limited and Halifax Share Dealing Limited are
authorised and regulated by the Financial Services AuthorityThey are entered in the Financial Services
Authority's Register and their Register Numbers are 106048, 119223, 171881 and 183332. This is an
English language site, all contracts will be in the English language only. For optimal viewing of this site
you will need Macromedia Flash version 5 or above. Copyright © 2007, Halifax plc. All rights reserved

It is almost impossible to think that anyone can fall for a sloppy e-mail like this. The first paragraph has 3 misspelled words and it ends with two full stops. In the second paragraph they misspelled the word "institution". In the text at the bottom of the e-mail, they forgot to put a full stop and a space between "Authority" and "They". Everybody makes mistakes, but no professional institution is as sloppy as this.

[Back To Banking Phishing Scams Page]