One, two, three of phishing

(Plus, how not to take the bait)
Here is one more proof that you should never, ever, enter your banking details on a web page accessed after clicking on a link included in an email message sent (ostensibly) from your bank. One of bidorbuy friends recently received an email informing her that a large amount had been paid into her account. The message looked like this:

Phishing email illustration

When she clicked on the CLICK HERE link, she landed on this page:
Phishing website illustration

Savvy as she is, this Internet user noticed that her browser did not display her bank’s address, but a very fishy one instead (centralcityboosters). Naturally, she refrained from entering any details into the little boxes provided. Had she done it, her secret PIN code and password would have ended up in the hands of fraudsters, with possible dire consequences to her bank balance.

Banks do try to provide secure online environment for their customers. That is why your bank may require you to enter a once-off password whenever you create a new beneficiary; that is why your bank may send you an SMS every time an online transaction is made from your account; that is also why no bank will ever ask you to access the secure log-in page straight from a link included in an email message.

The rest, however, is up to you: you still need to be vigilant!