Maybank Singapore : Phishing Alert

[HIDDEN]

hi,

I've been spending some time looking at internet scams etc. and I came across this Phishing Alert from Maybank Singapore. Maybe Maybank Malaysia is equally affected.

I thought that it was really interesting as the correct Maybank website is Maybank2u and this scam uses a Maybank2uu site. Wow, easy to miss.

Here's some information from the Maybank site as a general reference on phishing. At the bottom is a list of scam emails, and there's a lot of them. I guess it's the same for all banks so this Maybank advice applies for all. 

Maybank Alert – Fraudulent E-mail
It has been brought to Maybank's attention that some members of the public have again received e-mail messages requesting customers to reactivate their accounts in view of Maybank's new security system and technical update. This is done with the intention to illegally obtain customers' passwords.

Maybank would like to clarify that such e-mail messages are not issued by Maybank and advise customers NOT to login to any of the website links contained in the e-mail. Customers who have clicked on the link in such e-mails are advised to change their passwords immediately, by directly logging into Maybank2u.com.sg.

Maybank would like to advise all customers to NOT reveal or disclose your passwords to anyone at any time online or on the telephone.

How it works

Phishing e-mails are fraud attempts as the senders take on the identity of well-known companies such as banks or financial institutions to obtain personal information from the recipients of the e-mail.

These e-mails will often ask recipients to visit a fake website of a bank through links provided in the e-mail, or ask for personal information such as credit card numbers or online banking IDs and passwords, in order to commit identity theft. They will then use the information they have acquired for illegal purposes or to perform unauthorised access to the recipient's online banking account.

How to protect yourself

Alert Maybank if you receive an e-mail, letter, notification or a telephone call requesting for information relating to your PIN/access ID or username/password.

Do not provide your banking particulars, such as ID, password, bank account numbers, credit card or account details by e-mail.

If you receive an e-mail asking you to reactivate or update your account for any purpose or to provide personal account information, please contact Maybank to confirm the validity of the e-mail.

For secured online banking access, always enter the URL address (www.maybank2u.com.sg) directly on your web browser.
Examples of phishing e-mails in circulation

Travel Vouchers - 6 May 2010
Loyalty Bonus - 1 May 2010
Online Banking - 30 Apr 2010
Maybank2u.com Account Alert! - 26 Apr 2010
Maybank Account Maintenance Alert - 14 Apr 2010
Important Account Protection - 13 Apr 2010
Account Stability - 12 Mar 2010
***[SUSPECTED SPAM]*** Unlock your account - 8 Mar 2010
Serious PR2 (Variant) - 23 Feb 2010
Maybank: Security Control Systems – 09 Feb 2010
Security Verification - 27 Jan 2010
Maybank Security Alert - 26 Jan 2010
Serious PR2 - 24 Jan 2010
Technical Security Measures - 9 Jan 2010
New 2010 Security - 10 Jan 2010
Perfect 2010 Customers Protection Update – 7 Jan 2010
Access Suspended - 5 Jan 2010
Unauthorized Users – 31 Dec 2009
Revision of Maybank account - 22 Dec 2009
New Security Measures PR2 - 21 Dec 2009
Online Banking Re-activation – 19 Dec 2009
Account Problem - 14 Dec 2009
Scheduled Maintenance – 25 Nov 2009
Account Suspended - 6 Nov 2009
Inheritance Funds - 28 Oct 2009
Spam Victim - 14 Oct 2009
Urgent:Transaction Problem - 29 Sep 2009
Spam Attack - 17 Sep 2009
Urgent Police Alert - 4 Sep 2009
Unauthorised Transactions (Variant) 20 Aug 2009
Unauthorised Users - 13 Aug 2009
1 Alert Message(s) - 5 Aug 2009
Unblock Your Maybank Account - 27 Jul 2009
Unauthorised Transactions - 9 Jul 2009
Unblock Account (Variant) - 29 June 2009
Security Problem in Your Account - 10 Jun 2009
Validate Your Online Banking Account - 2 May 2009
Verify Your Internet Banking Access - 29 Apr 2009
Security Control Systems - 22 Apr 2009
Unblock Account - 15 Apr 2009
Spoof E-mail - 14 Apr 2009
IP Address - 12 Mar 2009
Credit Card - 5 Mar 2009
Distributed Denial of Service - 14 Feb 2009
End of Article

[HIDDEN]

Nope, there isn't a .com.my equivalent to the maybank2uu URL. Singapore Maybank only (at this point). Maybe the phishers know that the Singaporeans are the ones with all the money! LOL

Kaz!

[HIDDEN]

Believe it or not I received at least 2 of these phony Maybank emails some time back AND I DON'T EVEN HAVE AN ACCOUNT/CREDIT CARD WITH MAYBANK NOR WITH ANY MALAYSIAN BANK.  Why the hell these scammers sent them to me or how they got my email address I have no idea  ...Jim, USA

[HIDDEN]

On the flipside, I've received emails from US banks, Jim, even though I don't live there. Your email address (and mine, and countless others) has been harvested by bots crawling sites all over the Internet. They're bundled together and then sold to scammers in lots of tens (or hundreds) of thousands of email addresses. It doesn't matter that you may not reside in a particular country, the scammers know all they need are a few marks that bite over that hundred thousand scam emails to make a profit.

Kaz!

[HIDDEN]

If have received over 20 of these phishing mails in the last few weeks, 4 in the last 24 hours, fortunately I don't receive much other spam on my private email address. I only use it on "trusted" websites, most of the time I use an other email account at first and if nothing nasty happens after a few weeks I change it to my private address.

[HIDDEN]

Looks like the Phishers are at it again. I have had 2 Public Bank and one Maybank Phishing email in the last 2 days. Gotta keep on your toes.