NOW, WHETHER OR NOT YOU BELIEVE WHAT YOU ARE ABOUT TO READ IN THIS ARTICLE, KNOW THAT HACKERS ARE AT IT AGAIN, HACKING WITH FALSE EMAILS AND CLONE (PHISHED) WEBSITES TO STEAL YOUR ONLINE BANK ACCOUNT DETAILS, THEN DEFRAUD YOU BIG TIME!!!
On Tuesday January, 28th, 2014 at about 3:28pm I received an email from a custom sender: “FirstOnlineBanking” with the Subject: SERVER MIGRATION. Now please, kindly read the content of the email sent to me:
Truthfully, the first reason I knew this was a hi-tech HACKING/SCAM is because, “I HAVE NEVER OPERATED A FIRST BANK ACCOUNT NOR RECEIVED AN EMAIL FROM FIRST BANK IN THE PAST, NEITHER HAVE I PREVIOUSLY GIVEN MY EMAIL DETAILS TO FIRST BANK OR ITS AGENTS”, so how could my so called “online account be successfully migrated to the new first bank server” as stated in the very first paragraph of that email was a mystery I wanted to unravel.
As a curious ICT rugged guy, I needed to know what this was all about so I quickly clicked the link on the instruction. To my greatest surprise, a successfully “cloned” First Bank Ltd. Online portal popped up. At first, I couldn’t have known it was cloned but the question that kept bugging me was: “could this email actually be from first bank?” I was really desperate to know what the sender was up to.
SO HOW DID I KNOW IT WAS A HACKER WHO SENT IT?
Firstly, when an email is sent you from corporate entities, the sender often appears as customized e.g. a notification from facebook to your email will appear simply as “Facebook”, so you don’t get to see the address used to send the email but for me, the first thing I do when I get an email is to check the sender’s address by simply moving my mouse cursor to the sender tab for it to auto-display or on my blackberry phone, I click on the custom sender and activate “show address”. So I went back to my email to check that, behold this was the sender: email@example.com and I wondered when banks reversed to using Hotmail.com, yahoomail.com or even gmail.com as their email service provider addresses.
Secondly, when I get alerts from GTBank, Zenith Bank or Access Bank (with whom I only bank with), while the sender is customized to the company’s name, the email address usually carries the name of the company as well. For example, when I get an update from Access Bank, the sender is customized as “Access Bank” while the sender’s email address is usually: firstname.lastname@example.org. So how could it be possible that First Bank in this modern ICT era sends a message to a “supposed” customer with an email address as “email@example.com”. Understanding how foolish the hacker was, I laughed out loud.
Thirdly, because I love to read web addresses, I went to Google the original First Bank web page and this was it: “http://www.firstbanknigeria.com/”, then I navigated back to the email to click on the sent link which redirected to the cloned site to see the web address. Behold (if the phished site has not been closed down) here was the link sent to me: https://www.1stbanknigeria-online.com/
Now click and check the web address you were redirected to and you will see: http://oceanbreezeng.com/wp-includes/images/wlw/enter/web/fbn/firstbanknigeria.htm, it is a Phishing website.
When you compare the original First Bank website: http://www.firstbanknigeria.com/ and the phished web addresses, you will see the very first letters of the phishing/cloned site is obvious enough to prove it is fake: oceanbreezeng.com.
NB: Phishing websites are designed to trick you into disclosing your login, password or other sensitive information by disguising themselves as other websites you may trust.
Fourthly, remember there is usually a date at the top of a First Bank Online portal. The date on the cloned site was: “Saturday, November 16th, 2013”, which was probably when the cloned website was hosted whereas, I was checking it on Wednesday, January 29th, 2014.
Fifthly, since I my suspicions where been confirmed gradually, I took one more step to compare the First Bank site I got from Google with this phished one so I clicked on “Individual Accounts” on the cloned and the original First Bank Online portal, the date at the top right corner of the cloned reads thus: “Sunday, January 12th, 2014”, whereas, it was supposed to be Wednesday, January 29th, 2014 (the day I decided to write this article). How could hackers be so foolish???
NB: Words cannot completely explain, the resemblance between the original First Bank Online portal and the phished one, so am afraid, many have already fallen victim by entering their secret details on the phished portal hosted by Bank Account hackers.
LESSONS TO BE LEARNT:
1. Always check the sender of every email sent to your account because while a custom name (which may be a name of a corporate entity or your client) appears, the sender’s email address may be totally different.
2. Always be conscious of web addresses. The web addresses of most corporate entities starts with the company’s name.
3. Never give out secret bank account or other details of any kind online without confirmation from your banker.
4. Some online transactions can be very confusing and somewhat deceitful…be careful which site you enter your secret information.
Be careful and wise!
CEO, Optimist Technologies Ltd./ICT blogger.
PS: Have you learnt something new from my write up today, don’t forget to tell me how much you have been informed by this post. I would love to read your comments and please sign up with your correct email details for more posts and future revelations straight to your inbox.
Kindly use the comment box below.