 |
| This email looks familiar? |
When you click the link to 'Unlock Account', a login page appeared. It looks very convincingly similar to the authentic Maybank2u website. Take a look at the comparison image below...
 |
| The fake link. Note the URL address redirects to some weird address |
 |
| The authentic link. Note the security signature on the 'tiger' logo on the url bar, and secured url (https) and also the 'locked padlock' icon on the bottom left of the window |
That's the reason why logging in to your bank account from email link is a badddddd idea. ALWAYS log in to your online account via original bank address (http://www.maybank2u.com.my/ in this case, and login from there)
Now, back to the fake login page. I managed to bypass the security system to login to my account. See below
 |
| My dumbass account |
After that, it will ask you to enter your TAC number...
Finally, you will get a friendly message saying "Your account is being verified by our security team. Do not login to your account within the next 48 hours so as not to cause error(s) in our database."
Why 48 hours, you might ask? Because by then your bank account will be milked dry by the syndicate. Please do not login before 48 hours, otherwise you'll messed up our database. For a bank who conducts billions of ringgit worth of transaction every day, its that easy to messed up the database, eh? Sounds phishy.....
No comments:
Post a Comment