We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
Phishing email
rolls99
Posts: 163 Forumite
in Credit cards
Sorry if this is not the right forum list/topic for this....
Anyway; normally I always receive a "your statement is ready" email from Nationwide, arriving like clockwork.
I didn't receive one this month (which would have been due a week ago). I secure messaged Nationwide when logged in, and the statement updated the next day (it was possibly late due to the holidays.)
Anyway - today I receive an email entitled "Your Nationwide Credit Card Statement Is Ready" (note the capitalised words), and opened it.
Put it this way, there is never a link in the real emails, merely a confirmation the statement has been updated.
The "links" (seen by hovering) are click DOT nationwide-service.co.uk (and a string of other numbers beforehand).
There are two links on the page to "Log into Internet Banking".
The thing is this: the email contains my postcode, AND the last digits of my account number.
Other than amazon, and one or two shops, this information has not been entered anywhere else.
I use the same laptop for all computing, and have always carefully checked with scanning etc; now I would (of course) say this, but, I don't browse "Weird and wacky" websites not put my details elsewhere online.
What concerns me is this:
My wifes Ebay account was hacked last year, and her ID changed; luckily I found this fast and nothing has been lost as a result (Ebay admitting hack from china).
I immediately took all my own details off my own paypal account too (the nationwide card had been linked to it).
However we have recently moved, and this email has the new postcode which has not been associated with my Paypal account (which I have not updated).
I am at a loss (unless some undetected malware is on my machine) as to how any 'phishers' could be aware of these details.
What is curious is that Nationwide did NOT send the usual email on time (and it has still not arrived), lo and behold a week later this arrives.
More to the point, no email ever includes any reference to my account number (name and postcode only).
I have not entered the card details anywhere online (Have not bought anything, except one purchase from a shop, by telephone) - other than the details being in my Amazon account which they have been for years.
Anyone else had any dodgy emails of late?
(I've reported it on action fraud in the meantime and obviously have not clicked anything - but, I am totally bemused as to where the information could have been gleaned!)
Anyway; normally I always receive a "your statement is ready" email from Nationwide, arriving like clockwork.
I didn't receive one this month (which would have been due a week ago). I secure messaged Nationwide when logged in, and the statement updated the next day (it was possibly late due to the holidays.)
Anyway - today I receive an email entitled "Your Nationwide Credit Card Statement Is Ready" (note the capitalised words), and opened it.
Put it this way, there is never a link in the real emails, merely a confirmation the statement has been updated.
The "links" (seen by hovering) are click DOT nationwide-service.co.uk (and a string of other numbers beforehand).
There are two links on the page to "Log into Internet Banking".
The thing is this: the email contains my postcode, AND the last digits of my account number.
Other than amazon, and one or two shops, this information has not been entered anywhere else.
I use the same laptop for all computing, and have always carefully checked with scanning etc; now I would (of course) say this, but, I don't browse "Weird and wacky" websites not put my details elsewhere online.
What concerns me is this:
My wifes Ebay account was hacked last year, and her ID changed; luckily I found this fast and nothing has been lost as a result (Ebay admitting hack from china).
I immediately took all my own details off my own paypal account too (the nationwide card had been linked to it).
However we have recently moved, and this email has the new postcode which has not been associated with my Paypal account (which I have not updated).
I am at a loss (unless some undetected malware is on my machine) as to how any 'phishers' could be aware of these details.
What is curious is that Nationwide did NOT send the usual email on time (and it has still not arrived), lo and behold a week later this arrives.
More to the point, no email ever includes any reference to my account number (name and postcode only).
I have not entered the card details anywhere online (Have not bought anything, except one purchase from a shop, by telephone) - other than the details being in my Amazon account which they have been for years.
Anyone else had any dodgy emails of late?
(I've reported it on action fraud in the meantime and obviously have not clicked anything - but, I am totally bemused as to where the information could have been gleaned!)
0
Comments
-
What else do you use that email account for?
I always use a unique email address for financial matters.
My bank, Paypal, Ebay etc all have a different email address.Censorship Reigns Supreme in Troll City...0 -
It's basically my bog standard email which Ive used for years, so practically any online service (such as joining here) it's used for.
I've don't actually receive much general spam at all, (the vast majority is intercepted on webmail and never downloaded to computer anyway), and don't even bother opening such stuff - even the normal from the likes of Amazon.
I've never emailed anything containing any credit card account numbers or parts thereof as it just isn't secure enough.
I don't have anything on the machine which includes my account details (i.e. last 4 digits of account number) for Natwide.
I have to say if it wasn't for the fact I just thought "hold on" I might have clicked one of the links in the email (it looks authentic) but, I just don't know.
What is as I say odd is that the normal mail hasn't arrived at all, then this one does.0 -
nationwide-service.co.uk appears to be owned by nationwide building society looking at the whois data which has been validated by nominet.
https://who.is/whois/nationwide-service.co.uk
The domain is also registered and operated by the same company operating the nationwide.co.uk domain.
As the email has several pieces of info that only the bank can piece together, the email maybe genuine. You could always contact them and ask.0 -
I've had a look myself at whois; the origin of the email is nationwide communications (which is also verified and I see in a Tweet from NW too).
What I know is this:
Until basically now, all emails have been from "noreply" at Nationwide.
When the normal (expected) monthly email did not arrive, I contacted NW through my account when logged in.
this email has arrived after I would expect it: it actually has wording which is a bit 'iffy' sounding.
"Your credit card statement has been sent to your internet bank"
There are two links on the email to "log in to your internet bank"
As it stands, I could (theoretically) see someone gaining my postcode from, say emails, (and my name) but I can't see where they would get the account digits (the last four anyway) which are never in any email.
I've forwarded it to Nationwide's phishing email address - it is very odd that (as I say) the normal email hasn't arrived and this has.
I am very, very wary online, and keep a close eye on accounts, whereas all NWs communications via email are pure text (with no links), this mail is basically a "perfect" NW graphic "page" which even I nearly clicked on a link - it has my name, postcode and account; the only legitimate way is if NW have decided to change the way they notify of statements which would explain the normal mail not arriving: if they haven't, then whoever has these details has went to a lot of trouble to scam one person if it's simply my details that they have somehow got hold of.0 -
Look at the header details on the email. Seek out the source I.P rather than (an easy to spoof) named domain.0
-
It's not a phishing e-mail.Anyway - today I receive an email entitled "Your Nationwide Credit Card Statement Is Ready" (note the capitalised words), and opened it.
Put it this way, there is never a link in the real emails, merely a confirmation the statement has been updated.
The "links" (seen by hovering) are click DOT nationwide-service.co.uk (and a string of other numbers beforehand).
There are two links on the page to "Log into Internet Banking".
The thing is this: the email contains my postcode, AND the last digits of my account number.
It's simply a demonstration of the stupidity of some banks (and other financial companies) that think that it's OK to include links in emails as long as they address you by name and add some extra information like the post code and last digits of account number.
My old thread on another board: Phishing? / Am I paranoid? / Are they stupid? (Neteller this time)
I remember writing once to Cahoot about the same issue. Waste of time. They simply don't get it. They are stupid.0 -
Clearly. But it doesn't matter because, whatever it is, you will delete it and access your account through your usual bookmark, so no problem either way.It's not a phishing e-mail.
It's simply a demonstration of the stupidity of some banks (and other financial companies) that think that it's OK to include links in emails as long as they address you by name and add some extra information like the post code and last digits of account number.0 -
Sure I will. But some people won't, and sooner or later will fall victims of Nationwide's stupidity and fraudsters mimicking genuine emails.0
-
Well.
I called NW earlier. Basically, they are having issues with emails being sent hourly today which they know about, but can't explain why I didn't get my usual email on time.
One person asked if I wanted them to block the account (which then of course means I wouldn't get into it at all), so I said no, and asked to speak to the CC dept; anyway - after explaining again they went to speak to their technical boffs, and after 30 mins in hold the line went dead.
So I've left it for the moment but am checking the account regularly; my hunch is if it was a real scam then the pepetrator has went to a lot of bother based on 'getting lucky' with my details; that, or someone has access to NWs database.
The IP address directs to some sort of company in Indianapolis (on the email) which apparently is where the emails are 'aggregated' - the paths all look 'legit' and match what can be found on NWs site ("Email addresses we use")
I won't be clicking anything on it of course, and, yes, it's something I've never had from NW before - ANY email with a link in it, never mind so much as one digit from my Account number.
Anyway as they have said, I've done my bit, notified them and so on....
I will say that it could be so easy to fall for something, and this goes in direct contravention of NWs own site (no links in emails)0 -
Relax.
You have nothing to worry about if you have not clicked any link and have not entered any information.
My Dec e-mail from NW was the same: with the links and with my surname and postcode. There were no last digits of the account number included, but they (NW) seem to be making 'progress'
The most funny thing is their
LOLBe aware of imitations
For your security we'll always include your postcode at the top of any emails we send you.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.1K Banking & Borrowing
- 252.8K Reduce Debt & Boost Income
- 453.1K Spending & Discounts
- 243K Work, Benefits & Business
- 597.4K Mortgages, Homes & Bills
- 176.5K Life & Family
- 256K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards