High-street banks Halifax and NatWest have become the latest victims of an e-mail fraud scam, which aims to trick customers into giving away confidential bank details via a link to a spoofed website.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Halifax closed its online operation over the weekend after customers received e-mails requesting security details, and the site was still down on Monday morning.
NatWest, which was targeted at the end of last week, did not close its site, but issued a statement urging customers to forward any e-mails to firstname.lastname@example.org.
The scam, known as “phishing”, has recently targeted Lloyds TSB and Barclays as well as other well known online companies, such as Amazon.com and eBay.
The emergence of the e-mail fraud scam has led the National Hi-Tech Crime Unit to join forces with the Association for Payment Clearing Services and the British Bankers’ Association to launch a campaign aimed at raising consumer awareness of the issue.
Although the early indications are that very few people have been successfully duped, Apacs, the BBA and the NHCTU have published a “checklist” to make people aware of the need to treat e-mails with caution. It includes advice such as always accessing your internet bank via a browser, keeping personal information secret and using up-to-date anti-virus software.
David Lennox, director of fraud and physical security at the BBA, said the initiative should help to combat what is a growing trend.
“The threats in the online world are the same as in the offline world,” he said. “While these types of fraud have always been with us, the internet is now being used as the preferred medium for attempting to carry them out.”
Although educating consumers is key, companies should also be taking measures to counter the rise of e-mail fraud scams, said Len Hynds, head of the NHTCU.
“Every business has a duty to itself, its employees and its customers to be as security conscious as possible,” he said. “Routine application of software updates, employee education and holistic attention is fundamental.”