I received this alarming phishing email. I almost fell for it, but luckily I know that:
1. Banks NEVER send email asking people to update their online accounts
2. I will always hover to see the URL of the supposedly Ambank website.
The problem is why does it the email sender is customercare@ambankgroup.com?? Looks like a valid email from Ambank. I think these phishers are able to disguise their email address to appear as a valid email from Ambank?
I hope Ambank will reinforce the notification to its customer not to click any website link from any email even if it "supposedly" comes from Ambank itself.
A little googling shows that it is an indeed valid email:
Contact Information:
AmBank Contact Centre
P.O. Box No. 12617
50784 Kuala Lumpur.
E-mail address: customercare@ambankgroup.com
AmBank Contact Centre
P.O. Box No. 12617
50784 Kuala Lumpur.
E-mail address: customercare@ambankgroup.com
From: AmOnline
[mailto:customercare@ambankgroup.com]
Sent: Saturday, September 22, 2012 7:30 PM
To:
Subject: AmOnline Profile Status
Sent: Saturday, September 22, 2012 7:30 PM
To:
Subject: AmOnline Profile Status
Dear Esteemed Customer,
|
|
Due to the ongoing upgrade on our server, we
have urged all AmOnline users to validate their internet banking profile.
|
|
Please log on to our website www.ambankgroup.com (will redirect you to http://www.mcginleysofas.com/images/banners/index.htm where the phishing website will trick you to enter your username and password ) to validate your online banking platform.
|
|
Failure to adhere to this message may result
to account suspension.
|
|
Thank you & have a good day ahead!
|
|
Warm Regards
|
AmOnline Team
|
You have received this e-mail because you are an Ambank user. To avoid future emails like this being automatically sent to your junk folder, please add our email address to your Address Book and/or the "Approved Sender" list.
PLEASE TAKE NOTE of the following:
This is a computer generated statement. No
signature is required as this is a computer generated notification. Please do
not reply to this email. This email and all its attachments are strictly
confidential and may contain information privileged to the intended addressee.
If you are not the intended addressee, please delete this email and its
attachment immediately and do not disclose, copy, circulate or in any other way
use or rely on the information contained in this email or any of its
attachments. Any unauthorised use or dissemination of this message in whole or
in part is strictly prohibited. Emails cannot be guaranteed to be secure or
error free as the message and any attachments could be intercepted, corrupted,
lost, delayed, incomplete or amended. AmBank does not accept any liability for
damage caused by this email or any of its attachments.
Email sender address can be easily faked in Unix. Basically you can send with any email sender address as you wish.
The valid thing here is the URL link. If it is a valid (no typo) URL, it should be fine. That one they cannot fake it. Not the one displayed but the actual URL when you click on the link.
Also, how come you always get this kind of thing? Rich until they want to target on you. lol
Don't know why I kept on getting this type of phishing email :D
Perhaps they read my blog? :P lol