A New Email Scam Involving @Scotiabank Is Making The Rounds

If you’re a customer of Scotiabank, and even if you’re not, there’s a new email scam that is making the rounds. Let me break it down for you:

Let’s start with the email address. Clearly this isn’t a Scotiabank email address as their domain is “scotiabank.com” as far as I know. Thus this alone should say to you that this email is a phishing scam. But let’s go further down the rabbit hole. Reading the email itself shows the typical poor grammar that phishing emails typically have. But ignoring that, it’s just generally not written well. And of course it has the typical threat that if you don’t do what this email says, access to your bank account will become “restricted”.

In the interest of science, I clicked on login from my iPhone and got this:

If you look at the website, this is not Scotiabank as the domain isn’t Scotiabank.com. Again validating that this is a phishing scam. For fun, I typed in a bogus card number and password. It then took me to this page:

Apparently I have to choose some security questions. They have some pre set ones that you have to choose from that I suspect match what Scotiabank does. And you can see that I had some fun with this as I suspect that this is more information gathering on the part of the scumbags behind this scam. When I save this info, it kicks me back to the login page. Presumably because they have all the info that they need to pwn your bank account. Crafty and moderately sophisticated.

I’m passing all this info along to Scotiabank so that they can take action. Hopefully they respond in a manner that protects their customers. Unlike my experience with TD in terms of reporting a scam that involved them. I’ll keep you posted on that.

