Lloyds Bank Scam emails originating from the University of Southern Mississippi - Watch out !!!!

by sircles on Jul 20, 2017 in Internet, Viruses and Malware threats, Internet Security, SPAM
Lloyds Bank scam emails originating from the University of Southern Mississippi - Watch out !!!

Lloyds Bank scam emails originating from the University of Southern Mississippi - Watch out !!!!

The following email may arrive in your account:

 

Lloyds 0nline. <[email protected]> is obviously a spam address - the zero (0) in 0nline is designed to stop the email being filtered out by spam filters checking for 'Lloyds Online' and so this message should instantly be deleted.

Any email from your bank explaining that urgent action needs to be taken is false - your bank would never rely on an action that does not guarantee reception for an urgent matter, they would always phone.

If we look at the language in general below:

 

  1. As we can see the 0nline zero is present
  2. USM.EDU is the email domain of the University of Southern Mississippi who most definitely do not send email on behalf of Lloyds Bank
  3. https://security.lloydsbαnk.co.uk/updates actually point to: https://www.smartideas.bg/sma.htm and if we hover over the link, we can see the true destination.

 

  2. Lloyds Bαnk is a Greek Alphabet character for αlpha which is another tactic to avoid being filtered, as you can see if you examine the a which has been replaced with α.
  3. If we reply to the email we receive:

 

========================================

Clicking the link:

 

The website that we are taken to when clicking the link certainly looks like Lloyds Bank:

 

But if we look at the address in the address bar:

 

We can see that the address is all wrong. If we click the 'How do I know that this site is secure?' link, then there is no satisfactory result. 

This is an effective impersonation of the Lloyds login page and has several verification rules for the input boxes.

This page will return with a different domain once the owners of smartideas.bg realise they have been hacked and they restore the correct website.

Keep an eye out for all emails from the bank - they never email you about security!!!!

As another set of domains names to watch with the same page as above:

http://ourbabyshower.co.za/LLOHDBU0/

http://darylconner.com/LLHSUUNDFY830/V6/ 

Both of the above are fake Lloyds related URLs.

Add comment