We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Never log in using a link provided by email
Options
Kernel_Sanders
Posts: 3,617 Forumite
Yesterday I received an authentic looking email with my name, postcode and the Nationwide logo from [EMAIL="nationwide@nationwide-communications.co.uk"]nationwide@nationwide-communications. co.uk[/EMAIL] , inviting me to view my current a/c statement via their log in link. It's quite simple for fraudsters to clone items from a bank or BS's site and present them in this way. They can even put the URL of a genuine site on a hyperlink which leads to their own cloned site, just waiting for your log in details, although obviously their URL would be slightly different from the genuine one e.g. www.nationwide.co.uk
0
Comments
-
Are you saying it is not a genuine email from Nationwide? They put your name and postcode so that you know it is genuine! Also, if it is a genuine email from Nationwide then you will be getting one every month!This is a system account and does not represent a real person. To contact the Forum Team email forumteam@moneysavingexpert.com0
-
Also, for me, it comes from Nationwide with nbs@ as the start of my email address.0
-
Is the space within the email address a typo OP?
nationwide@nationwide-communications.co.uk is a genuine email from Nationwide.
See here:
https://twitter.com/asknationwide/status/443495780775899137
http://www.nationwide.co.uk/support/security-centre/internet-banking-security/how-to-protect-yourself#xtab:email-and-security-tips
I never click on links within emails when it comes to banking - I always log on via their main webpage.
Also, if you hover your mouse/pointer over any hyperlink, it displays the webpage address that it's redirecting to (usually at the bottom of your screen) - so I knew that your hyperlink was going to redirect me to MSE forums. Although, some fraudsters can circumvent that too.:grouphug:
Official MSE canny forumite and HUKD VIP badge member :grouphug:0 -
The bank should not include links in it's emails, this opens the door for fraud.0
-
Kernel_Sanders wrote: »Yesterday I received an authentic looking email with my name, postcode and the Nationwide logo from [EMAIL="nationwide@nationwide-communications.co.uk"]nationwide@nationwide-communications. co.uk[/EMAIL] , inviting me to view my current a/c statement via their log in link.
Sorry you didn't specifically say if this was a genuine or phishing email.
If the latter then it's very worrying as they (almost) never would have this level of information.
Can you clarify that they had your name and postcode and it was fraudulent?0 -
It sounds like the email OP received was authentic rather than fraudulent - it has the same hallmarks as those I receive regularly from them and complies with what Nationwide publish on their site as per post #4.
So, I don't think OP is claiming that there's actually been any sort of fraud here but believe that their broader point is that Nationwide shouldn't be encouraging people to follow links from emails as this is arguably poor security practice and increases the risk of falling for phishing (even though these particular emails are genuine).0 -
I had a similar email on 12th Nov, for reductions off products I don't want. Luckily, none of the succession of offers have ever been of interest so I usually instantly consign to trash. However, bearing in mind the Tesco scam and others, I decided to look more closely without clicking. The email lacked my name and postcode, signposts Nationwide are supposed to use. It also quoted a superceded card number so I assumed scam. Copied email to nationwide phishing re apparent security risk, especially as the email invites a link to be activated to "sign in". No response yet, but security is only a part time role for these outfits. "24/7 banking, except for security"0
-
Au contraire, the OP is claiming an attempted fraud:So, I don't think OP is claiming that there's actually been any sort of fraud hereKernel_Sanders wrote: »Yesterday I received an authentic looking email0 -
Wow, that's a pretty spectacular leap of logic to get you from the actual quote about the email to an allegation of attempted fraud, have you considered a career in an AML department of a bank?Au contraire, the OP is claiming an attempted fraud:Kernel_Sanders wrote: »Yesterday I received an authentic looking email0 -
but believe that their broader point is that Nationwide shouldn't be encouraging people to follow links from emails as this is arguably poor security practice and increases the risk of falling for phishing (even though these particular emails are genuine).
Exactly. Banks frequently undermine customers' security awareness by breaking their own rules about emails, phone calls, etc.
The only safe rule is never to respond directly to any requests by phone or email, but to contact the organisation yourself using the publicly-advertised number and ask them about the request they have just apparently sent.
But they still fail security by having no proper central control of their emails or out-going phone calls, so sometimes a communication can be a genuine one from a small section of the organisation.This is a system account and does not represent a real person. To contact the Forum Team email forumteam@moneysavingexpert.com0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.1K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.6K Spending & Discounts
- 244.1K Work, Benefits & Business
- 599K Mortgages, Homes & Bills
- 177K Life & Family
- 257.4K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards