Barclays Bank customers targeted by phishers

Credit to Author: Christopher Boyd| Date: Thu, 22 Jun 2017 15:00:26 +0000

Today we have a phish targeting customers of Barclays Bank, located at:

bank(dot)barclay(dot)co(dot)uk(dot)olb(dot)auth(dot)loginlink(dot)action(dot)p1242557947640(dot)chofcg(dot)com/bd/

The phish opens up with an initial lunge for personal details:

barclays phish

The first page asks for a surname, then offers the potential victim a variety of petards to hoist themselves from – do you want to enter your membership number, card number, or sort code and account number? Please, step right this way.

The second page continues the deep dive with a move into the realm of PIN sentry codes:

more barclays phishing

Barclays use a device called a PIN Sentry for certain online (and offline) activities. Step 2 of this phish asks for the last five digits of your card, the eight digit code that appears on the device, and “your four digits ATM code”. After that:

Final phish page

A 5 digit telephone banking passcode and a mother’s maiden name, you say?

It would appear the phishers are trying to get enough bits of information to try some social engineering on someone in a call center, though they’re not going to get very far with a 4 digit PIN given the person on the other end of the line wouldn’t know it. Only today, a friend of mine told me their husband nearly lost his business account cash (held with another bank) because someone phoned him up and asked for his personal details. He only realized something was wrong when they asked for his PIN number – but he nearly didn’t phone the bank because he thought they’d “tell him off”.

Don’t be like him. Should you ever run into a scenario such as the above, the very first thing you should do is call your bank for help. They’ll give you the best course of action from there, and with any luck, your hard-earned money won’t be going elsewhere.

 

Christopher Boyd

The post Barclays Bank customers targeted by phishers appeared first on Malwarebytes Labs.

https://blog.malwarebytes.com/feed/