Menu Search Hoax-Slayer

Lloyds Banking Group 'Online Access Suspended' Phishing Scam

Outline
Email that pretends to come from Lloyds Banking Group claims that the recipient's online account access has been suspended because login details are incorrectly entered several times.

Brief Analysis
The email is not from Lloyds. It is a phishing scam designed to trick users into giving their account login details and other personal information to Internet criminals.


Example

Dear Customer,

To protect your accounts, we automatically suspend your online access
when your log in details have been entered incorrectly several times.

To get back into the service, you can re-instate your details quickly and easily
prevent your self from online fraudulent and unauthorized transfers within
your account, click the ''link' below to proceed.

Suspended ID Number: TSB-558-271-374

Log On Here to proceed.

Thank you for banking with Lloyds  Bank.

Sincerely,

Online Security Team

Lloyds Banking Group.



Detailed Analysis
According to this email, which purports to be from the UK's Lloyds Bank, the recipient's bank account has been suspended. Supposedly, account login details were entered several times, so the bank suspended access in order to protect the customer from online fraud attempts.


Ironically, the email itself is the online fraud attempt. The message is a typical phishing scam. Customers who are taken in by the false claims and click the link as instructed will be taken to a fake website where they will be asked to login to their Lloyds online account. After logging in on what they believe is the genuine Lloyds website, victims may then be asked to provide further personal data such as their credit card details and ID information. At the end of the sequence, victims may be automatically redirected to the genuine Lloyds website.

Meanwhile, the criminals can hijack their bank accounts, transfer funds, conduct fraudulent transactions and perhaps even steal their identities.

Phishing shows no signs of losing its position as one of the most prevalent Internet scams. Be wary of any email from your bank that claims that you must click a link and login to your account to update details, verify your identity, or deal with a supposed account issue. If you receive such an email, do not click any links that it contains. Some versions have their phishing payload in attached files, so do not open any attachments that come with such emails either.

The fake web pages used in such scams are often taken down quite quickly. And, after the fake pages have been reported, most modern browsers will display phishing warnings when people click links in the scam emails. However, the scammers will continue to put up new versions of the fake web pages and send out another round of scam messages. And so the cycle continues.

Lloyds has information about phishing scams and how to report them on its website.


Last updated: January 31, 2014
First published: January 31, 2014
By Brett M. Christensen
About Hoax-Slayer

References
Phishing Scams - Anti-Phishing Information
Lloyds - Phishing Scams

© Brett M.Christensen, 2014. All Rights Reserved.

Go to Desktop Version