Subscribe

Phishing trips FNB

By Candice Jones for FNB
Johannesburg, 08 Nov 2007

First National Bank (FNB) clients are once again being warned of an increase in phishing attacks.

Two new phishing sites, aimed at FNB customers, have been identified over the last two weeks, one of which is still active.

An official looking e-mail, from a spoofed FNB mail account, is being circulated to e-mail addresses lifted off the Internet. It requests bank clients to update their account details by following a link.

The e-mail reads: "Due to concerns for the safety and integrity of the First National Bank account we have issued this warning message."

Clients who follow the link are directed to the phishing site, which is almost a perfect replica of the bank`s Internet banking logon page.

According to ITWeb IT manager Jared Wright, the active phishing site has been added as a module to a valid gaming Web site. "The site looks like it has been hacked and I doubt the owners are even aware they are hosting the replica."

<B>FNB`s</B> <B>golden rules</B>

* Never access the site via a link. Rather type the address into the browser address bar or save the address as a `Favourite`.
* If you suspect confidential information has been compromised, contact the dedicated fraud team on (011) 303-0960 for assistance, or e-mail risk.online@fnb.co.za.

He says ITWeb is at least one company that has been directly targeted by the phishing e-mail.

Wright says he has attempted, over the last few days, to contact the bank`s security centre to make them aware of the problem. However, he says he has had no response from them, or the call centre, with regard to the attack.

FNB says it is aware of the latest phishing sites."Our fraud investigators are looking into it. Once a site is confirmed to be fraudulent, it will be closed down."

Chris Kotze, FNB Online CEO, says: "We continue to advise our clients not to respond to any e-mail asking them for sensitive identity information and never to use a link to access their online banking Web site."

It is critically important to always ensure you access online banking functionality via the authentic fnb.co.za Web site, he says. "This could be verified by clicking on the [small] padlock on the site to expose the Verisign certificate information that will confirm who the site has been issued to [this must be www.fnb.co.za]."

According to the bank, there seems to be a spike in fraud as a whole over the holiday season, as people are more relaxed and, therefore, less vigilant. "There are usually more surplus funds available [as a result of bonuses and 13th cheques]. These factors make the festive season a more lucrative time for fraudsters."

Related stories:
 Malware becomes more localised
Malware attacks to soar
Data theft hits govt job site

Share