A New But Primitive CIBC Phishing #Scam Is Making The Rounds
When it comes to finding out about the latest scams, readers of this blog or my clients will sometimes bring them to me. But sometimes they just drop into my lap. Take this one that popped into my inbox that uses Canadian bank CIBC to try and scam you:
Now this leverages a couple of methods to try and get you to fall for the scam. The first is that the mail claims that CIBC has a new “verification method”. That’s something that will get people’s attention because banks are trying to move away from text message based two factor authentication because of SIM swap attacks where a threat actor swaps your cell phone number onto a SIM that they control so that they can then take over your bank account and drain it. So people may assume that this email is legitimate based on that. The second reason why people might fall for this scam is that there’s a sense of urgency around it based on the fact that you have a deadline to do what the threat actor wants you to do. Because nobody wants to be separated from their money. But this of course isn’t coming from CIBC and there’s three ways to tell in this case:
The first is the fact that this email address in the from field isn’t from cibc.com. In fact it’s not even close. So CIBC didn’t send this email.
Looking at the to field shows the same email address. That indicates that this is an email that is being sent to thousands of people hoping that 1 or 2 percent of them fall for this. That’s further reinforced by the fact that the body of the email doesn’t reference me by name and only says “sir or madam.”
The final part are the words “Click To againe Access”. Clearly the threat actor wasn’t smart enough to spell check this before sending this out. #Fail.
So if you get this email, you should instantly delete it and not click on any links. But by now you know that this isn’t how I roll. So I clicked the link and got this:
This is a pretty basic replication of the CIBC website. And if you look at the address bar, it’s clearly not CIBC.com. Which should be two more things to send you screaming in the other direction. But what this website is after is pretty clear to me. The threat actors want your debit card number and your password so that they steal your money. I entered a fake card number and a password that told the threat actor where to go and how to get there, and I was then dumped to the actual CIBC website. Now I can only conclude two things based on that. Either the threat actors had code in the website that detected that I entered invalid information and punted me to the real CIBC website as a result. Or this is a very basic scam website that snatched what I entered so that the threat actors can potentially go to town at someone else’s expense.
So even though this is a very basic, bordering on primitive scam, it’s still a scam. Which means that you need to be on your toes so as to not fall victim to it. Because a scam doesn’t have to be well executed to be effective.
This entry was posted on September 29, 2024 at 8:40 am and is filed under Commentary with tags Scam. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
A New But Primitive CIBC Phishing #Scam Is Making The Rounds
When it comes to finding out about the latest scams, readers of this blog or my clients will sometimes bring them to me. But sometimes they just drop into my lap. Take this one that popped into my inbox that uses Canadian bank CIBC to try and scam you:
Now this leverages a couple of methods to try and get you to fall for the scam. The first is that the mail claims that CIBC has a new “verification method”. That’s something that will get people’s attention because banks are trying to move away from text message based two factor authentication because of SIM swap attacks where a threat actor swaps your cell phone number onto a SIM that they control so that they can then take over your bank account and drain it. So people may assume that this email is legitimate based on that. The second reason why people might fall for this scam is that there’s a sense of urgency around it based on the fact that you have a deadline to do what the threat actor wants you to do. Because nobody wants to be separated from their money. But this of course isn’t coming from CIBC and there’s three ways to tell in this case:
The first is the fact that this email address in the from field isn’t from cibc.com. In fact it’s not even close. So CIBC didn’t send this email.
Looking at the to field shows the same email address. That indicates that this is an email that is being sent to thousands of people hoping that 1 or 2 percent of them fall for this. That’s further reinforced by the fact that the body of the email doesn’t reference me by name and only says “sir or madam.”
The final part are the words “Click To againe Access”. Clearly the threat actor wasn’t smart enough to spell check this before sending this out. #Fail.
So if you get this email, you should instantly delete it and not click on any links. But by now you know that this isn’t how I roll. So I clicked the link and got this:
This is a pretty basic replication of the CIBC website. And if you look at the address bar, it’s clearly not CIBC.com. Which should be two more things to send you screaming in the other direction. But what this website is after is pretty clear to me. The threat actors want your debit card number and your password so that they steal your money. I entered a fake card number and a password that told the threat actor where to go and how to get there, and I was then dumped to the actual CIBC website. Now I can only conclude two things based on that. Either the threat actors had code in the website that detected that I entered invalid information and punted me to the real CIBC website as a result. Or this is a very basic scam website that snatched what I entered so that the threat actors can potentially go to town at someone else’s expense.
So even though this is a very basic, bordering on primitive scam, it’s still a scam. Which means that you need to be on your toes so as to not fall victim to it. Because a scam doesn’t have to be well executed to be effective.
Share this:
Like this:
Related
This entry was posted on September 29, 2024 at 8:40 am and is filed under Commentary with tags Scam. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.