Today I received an important email from CIMB Bank with the title “Urgent: Account Problem”. I copied the content from my email as below:
Dear CIMB Customer,
Our Security Systems detected a security threat in your account as it was accessed from a blacklisted location. We have deactivated your account pending your immediate reactivation.
Note that inactive accounts will be deactivated in less than 5min for security reasons. We regret any inconvenience caused.
From the email content, I was surprised to find out that my CIMB account was accessed by unknown people from blacklisted location. Luckily CIMB team had succeefully deactivated my account immediately. Then they requested me to reactivate my account by clicking the link which point to http://www.cimbclicks.com.my
Well, I was about to thank the CIMB Bank for their excellent security protection to the bank account holders until I find out something weird about the link provided. Please see the image below to find out yourself the strange phenomenon regarding the link.
Hehe, I guess you know what I mean now by looking at the image. The link was actually point to other website instead of CIMB homepage. Besides that, the sender’s full email address was email@example.com with the misspelled word “uprade”. So obviously, this is just another “Fishing Phishing Email” which is not sent by CIMB Bank. According to Wikipedia, Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in a electronic communication. Phishing is typically carried out by email and often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
How To Prevent Phishing Email Scam|Online Identity Theft Fraud?
- Never respond to any phone call/SMS/Email requesting your bank account details.
- Never reveal your bank account details/ATM PIN/Internet Banking password to anyone.
- Never follow instruction from an unknown party to perform banking transaction or make changes to your bank account details.
- Never be a victim of schemes that sound too good to be true.
- Never click the link provided by suspicious email especially required you to activate the bank account.
- Never too lazy to detect the internet fraud, email fraud by paying extra attention upon receiving email from bank.
- Never forget to remind your friends, family about the scam email and identity theft fraud so that they are aware of it.
- Never ignore phishing emails that you received, forward it to the bank and relevant parties so that this kind of email fraud scam will be known by public.
Do you receive any phishing emails like me? What’s your reactions while received this kind of scam email? Please share your experience to us.