Sophisticated Phishing Scam Targeting Lloyds Bank Customers
Leo Daniels • September 4, 2020
This is a subtitle for your new post
Lloyds Bank customers are being targeted by a sophisticated email and SMS messaging phishing campaign, according to an investigation by law practice Griffin Law.
An estimated 100 people have reported receiving fake communication purporting to be from Lloyds, which is one of the largest banks in England and Wales.
In the email scam, a realistic-looking email using Lloyds logos and branding is distributed containing the subject header: “Alert: Document Report – We noted about security maintenance.” The message, which has spelling errors and some Chinese characters, claims that the recipient’s bank account has been compromised, stating: “Your Account Banking has been disabled, due to recent activities on your account, we placed a temporary suspension until you verify your account.”
Users are then redirected to a fraudulent site called Lloyds[Dot]bank[Dot]unusual-login[Dot]com, which attempts to trick visitors into believing it is legitimate through the use of official branding. The site then requests customers’ log-in details including passwords, account information and security codes and other person data.
In the SMS version of the scam, people received a text attempting to entice them into visiting the same fraudulent site. It says: “ALERT FROM LLOYDS: New device attempted to set up a payee to XXX. If this was NOT you, visit: Lloyds[Dot]bank[Dot]unusual-login[Dot]com.”
In a tweeted response to a user who informed them they had received the scam email, Lloyds Bank said: “This isn’t a genuine message from us; it’s a scam. If possible, could you please forward this email or text message to us at: emailscams@lloydsbank.co.uk.”
Commenting on Griffin Law’s discovery, Chris Ross, SVP at Barracuda Networks, said: “Hackers often hijack the branding of legitimate companies in order to steal confidential financial data from unsuspecting victims.
“These scams can be very convincing, making use of official logos, wording and personalised details to lull the individual into a false sense of security. In most cases, the victim will be directed to a fraudulent but realistic looking website, where they are urged to enter account details, passwords, security codes and PIN numbers.
“Phishing attacks like this pose a huge risk both to individuals and the companies they work for, especially if hackers gain access to a business bank account. Tackling this problem requires robust policies and procedures as well as the latest email security systems in place to identify and block these scams before they reach the inbox.”
We’re 1-fix, we can help you secure your business
At 1-fix, we take a realistic approach to technology – ensuring our client’s systems are best protected.
If you have any concerns, questions or simply want to explore how to better secure your business, please do get in touch with the team for a FREE demonstration, consultation to explore how exposed your business might be and identify actions to take.
Join Our Mailing List
All sign-ups are handled inline with our privacy policy and can unsubscribe at any time.
Recent Blogs
Planning to move to the cloud? Discover what to expect, key benefits, and how 1-Fix IT support ensures a smooth, secure migration for your business.
Cut costs and reduce your carbon footprint with cloud migration. Discover how 1-Fix IT support helps businesses save and go green with managed IT services.
Discover why summer is the perfect time to move to the cloud. Learn how cloud migration boosts flexibility, security & cost-efficiency with 1-Fix IT support.
Protect your business with expert IT support. Learn why cybersecurity is vital for reputation, compliance, and long-term success.
Avoid the risks of using Office 365 Home at work. Learn why Office 365 for business is the right choice for security, scalability, and compliance.
Discover the key benefits of outsourced IT support, from enhanced cybersecurity and 24/7 monitoring to cost savings and regulatory compliance.
