Santander Savings Scam?

antispam246

I received an e-mail, supposedly from Satander, the e-mail address is an A&L who I did previously bank with before the takeover. The link it directs to looks very suspicious but the page itself looks very similar to the Santander log in page at a glance, what is throwing me off is the e-mail content which states,

Valued Customer ,
To say thank you to the millions of customers who have chosen Santander Uk plc as their bank, we would be offering up to 1,000 pounds to 1,000 lucky customers in a daily draw that would take place throughout december.


This draw recognises our previous customers, customers who moved their accounts from Abbey Uk plc and also customers who moved their accounts from Alliance and Leicester Uk plc. This year, we finally consolidated all accounts and brands under the Santander Uk plc brand.

Winning customers would be picked using various details, such as registration numbers, passcodes, mobile numbers or any other account detail supplied during registration. If you are chosen as a winner, you would be sent an email and requested to verify the questions you set up. Once this is done, the amount would be credited to the debit card registered.

To register your account details for this draw, click on the "Next" button below and log in.



Somewhat similar to the Halifax offer and not totally unbelievable, usually there are many obvious tell-tale signs but this is the first ever possibly junk mail I cannot 100% say it's junk, although I'm sure it is but... I've forwarded it to satander phishing department but though I'd ask here to.


the link goes here, link itself is safe but obviously DO NOT log in via this link


http://eyngconsulting.com/consultoria/libraries/tcpdf/config/lang/HFIDFUHGKJ/Logon.htm


Actually comparing the 2 log in pages I'm 99.9% sure it's fake but probably the most convincing scam yet, sadly it's going ot catch alot of people out undoubtedly.

Ark_Welder

Forward the email to phishing@santander.co.uk

Santander's online security page:

http://www.santander.co.uk/csgs/Satellite?appID=abbey.internet.Abbeycom&c=Page&canal=CABBEYCOM&cid=1210606999925&empr=Abbeycom&leng=en_GB&pagename=Abbeycom%2FPage%2FWC_ACOM_TemplateA2


[EMAIL="phishing@santander.co.uk"][/EMAIL]

financial_illiterate

It shouldn't catch anyone out. Banks don't write to customers and ask them to provide their account details and ones that make specific reference to the range of data they're going to be asking for in the 'registration' process shouldn't really warrant a second glance.

The fact that it probably will catch a few out is a sad reflection of the lack of education about online phishing attempts that customers ought to be provided with before being allowed to even consider banking online.

Gromitt

Your braver than me to click the link in the email. I always type my banks address in manually and then check the security tab to ensure the site identifies itself properly before entering any details.

They might not even be asking for your account details on the page, but your virus checker might not notice a particularly new trojan just waiting for you on a rogue website, which then catches you out when you login to the real site.

adindas

The vast of people are already aware that Bank will never ask you about your bank detail.

If they want to know this, they will simply call you. If there is a lucky draw, they will ask you to enter it from your Internet Banking.

antispam246 wrote: »

I received an e-mail, supposedly from Satander, the e-mail address is an A&L who I did previously bank with before the takeover. The link it directs to looks very suspicious but the page itself looks very similar to the Santander log in page at a glance, what is throwing me off is the e-mail content which states,

Valued Customer ,
To say thank you to the millions of customers who have chosen Santander Uk plc as their bank, we would be offering up to 1,000 pounds to 1,000 lucky customers in a daily draw that would take place throughout december.


This draw recognises our previous customers, customers who moved their accounts from Abbey Uk plc and also customers who moved their accounts from Alliance and Leicester Uk plc. This year, we finally consolidated all accounts and brands under the Santander Uk plc brand.

Winning customers would be picked using various details, such as registration numbers, passcodes, mobile numbers or any other account detail supplied during registration. If you are chosen as a winner, you would be sent an email and requested to verify the questions you set up. Once this is done, the amount would be credited to the debit card registered.

To register your account details for this draw, click on the "Next" button below and log in.



Somewhat similar to the Halifax offer and not totally unbelievable, usually there are many obvious tell-tale signs but this is the first ever possibly junk mail I cannot 100% say it's junk, although I'm sure it is but... I've forwarded it to satander phishing department but though I'd ask here to.


the link goes here, link itself is safe but obviously DO NOT log in via this link


http://eyngconsulting.com/consultoria/libraries/tcpdf/config/lang/HFIDFUHGKJ/Logon.htm


Actually comparing the 2 log in pages I'm 99.9% sure it's fake but probably the most convincing scam yet, sadly it's going ot catch alot of people out undoubtedly.

m0n3y_3

Well doing a quick domain name lookup on the web gives eyngconsulting.com domain as registered for someone in Rio de Janeiro, they might not even know of course about the fake login it could be that someone has hacked their site and is using it.

Registrant Contact: EYNG SERVIÇOS CONTABEIS LTDA, Rio de Janeiro, BR

Administrative Contact: Digital Solutions Ltda, Rio de Janeiro

Domain Name: EYNGCONSULTING.COM
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Name Server: NS1.LOC3.COM.BR
Name Server: NS2.LOC3.COM.BR
Status: clientTransferProhibited
Updated Date: 04-nov-2011
Creation Date: 03-dec-2010
Expiration Date: 03-dec-2012

Mikey17

The link works with Internet explorer, but as I expected not with Firefox


Uploaded with ImageShack.us

As someone stated, the link could have been booby trapped. So you should always browse with a program like Sandboxie.http://www.sandboxie.com/
This will stop you getting infected, but not entering your personal details into a fake site




[IMG]http://[/img]

TimBear

Santander (and all other banks I've banked with previously), always address any correspondence to me by my full name, never 'account holder' or similar.

financial_illiterate

TimBear wrote: »

Santander (and all other banks I've banked with previously), always address any correspondence to me by my full name, never 'account holder' or similar.

As a rule, I don't suppose they offer to enter your mobile number into a prize draw and then pay the winnings on to your debit card if you win, either?

Gromitt

They most likely will not ring you up either, as shown in this video: http://www.youtube.com/watch?v=5MTFauI8INY

antispam246

Thanks for clarification peeps, not sure what happened but my initial post missed a paragraph out. First thing I did was report it too santander phisging email I have all the banks phishing emails in my address book due to the abundant amount of scams and forward every single one appropriately. I only clicked the link via sandiebox on a secure client, not my main, 99.9% sure there was nothing malicious being pushed directly from the link unless the few scanners I used missed it.

I understand there were many clear signs it was a scam, it was more the content itself, usually the scam emails are very much in your face with a blatant "give us all your details and we'll take all your money", it was more the angle of the content which was unusually different from the norm, perhaps a sign of things to come, like someone had bothered to go the extra yard to entice those beyond the stupid