Technology evolve daily and so does crime and deceit.
Today i decided to take time out to expose this new method that internet fraudsters have devised to extort money from unsuspecting Nigerians in the guise of it coming from your bank.
Here is an email a friend of mine received recently allegedly from “Guarantee Trust Bank”,
The email looked so real and almost genuine. With a story like that, everyone would want to quickly login and cancel the “registration for our Guarantee Trust Customer Digest monthly bulletin” thereby revealing their banking login details.
If not for some suspicious details (coupled with the fact that He’s learned in this field as he is also blogger) he couldn’t have noticed the flaws proving it is actually a phishing website that he was redirected to to enter his internet banking details.
Here are the things i discovered that one could easily use to classify it as fake.
First, the real email of the sender was “firstname.lastname@example.org” as against the “GeNS@gtbank.com” – GTBanks original email notification sender name which it was disguised as.
Secondly, it contained links (which appeared to be) to particular pages on GTBank’s website which a bank would rarely do as they would rather tell you to login and give you directions to make the required update.
Third, both links (confirmation and cancellation URLs) though seem different but in true fact are actually targeting the same page,
When i tried to get the response headers from that URL, i discovered the real URL is in fact,
On visiting the URL, the page URL was a Base-64 encoded HTML content which might make some people think it is a security feature from the bank but its not. Its in fact, a way for the operators to hide the real URL of the page the user is visiting so you cannot easily tell it is a phishing website.
The content of the page looked exactly like the real internet banking login page of GT Bank. I’m not surprised as it has to look that way to be able to make it convincing.
In conclusion, we advice our visitors to always verify the pages on the web they are presently on before revealing any sensitive data.