An email saying Straight2Bank Website changes pretending to come from Straight2Bank <Milan.Colquhoun@s2b.standardchartered.com> is one of today’s phishing attempts. I have received loads of these this morning and they are using several different phish sites
so far the phish sites I have seen are:
The original email looks like this. It will NEVER be a genuine email from PayPal or Your Bank so don’t ever follow the link to a website that looks at first glance like the genuine bank website.Some versions of this phish and similar phishes ask you to fill in the html ( webpage) form that comes attached to the email. That is also false.
We would like to announce that the design of our website is going to change in the nearest future. The final changes will be applied on Monday, 04 of January 2016. Until the end of this week you can review the upcoming changes.
While mostly everything will function the same, the look and feel of our website will change.
We understand that this can be an adjustment so we have prepared some frequently asked questions for you to review.
Will this redesign affect any of my saved bookmarks? Yes, all pages other than www.s2b.standardchartered.com/ssoapp/login.jsp will need to be re-bookmarked as the web address will change.
Why did the design of the website change? We felt it was time to refresh the look and feel of Straight2Bank. You’ll see this new look across all marketing collateral.
Does the way I sign into my account change? No, the way you sign into your account will not change. However, we have enhanced our security system to make it more difficult for an unauthorized person to access your account.
I’m having issues accessing my account. What is the issue? You’ll need to add our site to the Compatibility View List: Click on tools Scroll & click on compatibility view settings Type in our address (www.s2b.standardchartered.com/ssoapp/login.jsp) Click add
Please email all questions or concerns to Milan Colquhoun, Marketing & Communication Specialist: Milan.Colquhoun@s2b.standardchartered.com
The link in the email directs you to a fake site, if you look at the fake website, you would be very hard-pressed to tell the difference from the fake one and the genuine site. The only way is look at the address bar and in the Genuine bank site , when using Internet Explorer the entire address bar is in green. ( in Chrome or Firefox, only the padlock symbol on the left of the browser is green)
I can’t seem to get past the first page but in previous versions of phish attempts against this bank they only asked for passwords, log in details and pin numbers and didn’t ask for any other personal information.
Please read our How to protect yourselves page for simple, sensible advice on how to avoid being infected by this sort of socially engineered malware.
All of these emails use Social engineering tricks to persuade you to open the attachments that come with the email or click the link in the email . Whether it is a message saying “look at this picture of me I took last night” and it appears to come from a friend or is more targeted at somebody who regularly is likely to receive PDF attachments or Word .doc attachments or any other common file that you use every day. Or whether it is a straight forward attempt, like this one, to steal your personal, bank, credit card or email and social networking log in details. Be very careful when unzipping them and make sure you have “show known file extensions enabled“, And then look carefully at the unzipped file. If it says .EXE then it is a problem and should not be