Scammers Target Customers of Halifax with Phishing Campaign - Malwarebytes

Security firm Malwarebytes said that recently scammers tried to trick customers of Halifax by saying that bank's website would be updated and so they need their login details.

Notably, Halifax is a banking chain of United Kingdom and it is a division of Bank of Scotland.

Victims received a hoax email urging... confirmation of their account details thereby thwarting the incidence of loss of notifications, files (and) contacts and to evade the chances of getting locked out of service but actually the linked webpage was a phishing page.

Cbronline.com published news on 10th April, 2015 quoting Christopher Boyd, Malware Intelligence Analyst of Malwarebytes, as saying "the scheme followed a similar Halifax-related phishing campaign of some previous months which focused on updating of database."

Unfortunately, browsers already identified the site for phishing at the time of testing it.

Itproportal.com published news on 10th April, 2015 quoting security expert as saying "there was a better news for anyone using a browser having turned-off his/her anti-phishing (or a browser which didn't detect the above phish) as the page has been taken down and so there is no chance of any more theft of identity and / or card fraud taking place on this occasion."

It is not possible for us to give a rundown of all the details which phishers were eyeing because of the website being taken down quickly but they were surely looking for at least passwords and usernames.

The Bank separating itself from the unfortunate phishing scam said that it would never send to its customers any email asking for any kind of information such as online username or password and would never guide them to a website and ask them to update or unlock their online account access.

However, if you have already fallen for such fraud, please contact and inform your bank immediately so that they can block any unauthorized transactions as speedily as possible, change all your information including (security questions) and issue you a new payment card. Also forward the phishing email to the Bank so that necessary investigation can be conducted and an alert raised.

» SPAMfighter News - 4/22/2015