FI Frauds: massive phishing attack against Malaysia's Maybank
A fraudster is bombarding those on a Malaysian spam-list with multiple copies of a phishing scam targeting customers of Maybank, Malaysia's largest bank.
Purportedly from: Maybank2U.Com
Fake e-mail / domain: c.services@maybank-ib.com
Subject: 1 new message
Body: Dear Customer,
We are currently carrying out a planned service upgrade, which is aimed at providing you better security to protect your username, password and Transaction Authorisation Code (TAC). We therefore ask that you confirm your data
To get started, click on the link below
[page apparently at maybank2u.com.my
BUT users of html / rich text will have seen a link to a page at luidordecolombia.com.[
* Note: If you have not registered with Maybank Group, please ignore this message and your contact information will be deleted within 7 days.
Thank you,
Maybank2u.com.
Comment:
Bizarre admission that the mail has been sent to non-customers, therefore proving it is not a real Maybank note.
More bizarre: the link is to the domain maybank2u.com.my which is a legitimate Maybank domain.
The signature block is to maybank2u.com which is a domain name registered to a privacy service but which forwards to Maybank2u.com.my
The domain maybank-ib.com is registered to Aseambankers Malaysia BHD, the former name of Maybank's investment and merchant banking division.
Recommendation: as usual: kill html / rich text mail. The cloaking of fraudulent addresses in such mail is the spam-scammer's greatest advantage.
(information courtesy www.dnsstuff.com)
Download PDF version of this page