I’ve Spotted Another Phishing #Scam Involving TD Bank That’s Delivered By Text Message

It seems that a phishing scam involving TD Bank is back. Like the last one, it is delivered by text message. Specifically looking like this:

Now a quick look at the URL should tell you that wasn’t sent by TD Bank as their official URL is td.com in Canada and tdbank.com in the US. But a few people might be fooled by this as the URL starts with “TD”. Remember, a scam doesn’t have to be successful in quantity to be successful.
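The domain check described above can be automated. This is an added example, not part of the original post: it compares the host in a link against the two official domains named here. The sample links in the test are constructed and are not the URL from the text message, and the `classify_link` name and its three verdicts are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Official domains as stated in the post: td.com (Canada), tdbank.com (US).
OFFICIAL_DOMAINS = ("td.com", "tdbank.com")


def classify_link(url: str) -> str:
    """Classify a link from a message as 'official', 'lookalike' or 'not-td'.

    'official'  - host is an official domain or a subdomain of one
    'lookalike' - host is not official but borrows the TD name
    'not-td'    - host has nothing to do with the official domains
    """
    if "://" not in url:
        url = "https://" + url  # links in text messages often omit the scheme
    try:
        # .hostname drops any "user@" prefix and the port, so a link such as
        # https://td.com@other-host/ is judged by other-host, not by td.com.
        host = (urlsplit(url).hostname or "").rstrip(".").lower()
    except ValueError:
        return "not-td"  # malformed URL: never treat it as official
    if not host:
        return "not-td"

    # Exact match or a true subdomain. A plain suffix test would be wrong:
    # "nottd.com" ends with "td.com" but is a different domain.
    for domain in OFFICIAL_DOMAINS:
        if host == domain or host.endswith("." + domain):
            return "official"

    # Not official. Flag hosts that start a label with "td" or embed
    # "tdbank", the pattern the post warns about.
    labels = host.split(".")
    if any(label.startswith("td") or "tdbank" in label for label in labels):
        return "lookalike"
    return "not-td"
```

Only the `official` verdict means the link points at a TD domain; both other verdicts mean the message did not link to the bank.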

In any case, if you click on the URL, which by the way you should NEVER EVER DO, this is what you will see:

You get taken to an exact clone of the TD website. I got my wife to have a look at this as she’s a TD customer and she confirmed that this website is so good, there’s almost no difference between this phishing website and the real website. Thus it might fool people.

So this is where I got curious. I typed in a bogus credit card number and a password that was nonsensical and was promptly presented with this when I clicked login:

So this website actually takes into account two factor authentication. Very sophisticated as at first glance they are either trying to convince you that this is the real website, and/or they want to get your mobile number to do a SIM swap or something similar so that they can take control of your bank account. Bonus points for that. Though this website didn’t validate the bogus card number I put in. So I’ll deduct some points for that. For giggles, I clicked call me where I expected a prompt for a phone number. Instead I got this:

Well that’s a wee bit of a mistake. But I am pretty sure that they are assuming that you will click on “text me” rather than call me. Though it really doesn’t matter at this point because if you actually typed in your real TD card number and password in the previous steps, you’ve been pwned and your bank account will be drained in short order. And the fact that they didn’t ask for a phone number means that they were simply trying to gain your confidence that this was the real website.

I should note that when I tested this in Safari on macOS, it was spotted as a deceptive website right away. Ditto for Firefox on macOS. But that wasn’t the case in Chrome on macOS or Edge on macOS which allowed me to access the site to take these screen shots. That’s interesting. And not in a good way if you’re a Chrome or Edge user.

In any case, I reported this to TD and sent them all the documentation that they requested. Though the last time that I came across a scam like this, TD wouldn’t or couldn’t shut the scam down. Thus I am not holding my breath in terms of TD taking action on this. Which means that you need to be on your toes as this example proves that the bad guys are getting more and more savvy when it comes to their attempts to separate you from your money.

  1. Barbara Ann Harris Says:

    I got a text from a Kentucky # claiming to be from TD

    • That doesn’t surprise me. In a number of these scams, I’ve documented the use of American numbers in scams that leverage Canadian company names.

