"National Commercial Bank Alert - Action Required" Phishing Emails

"National Commercial Bank Alert - Action Required" Phishing Emails

Would you share this Article with others?

The email message below with the subject: "National Commercial Bank Alert - Action Required," which appears as if it was sent by the National Commercial Bank (NCB), is a fake. The fake message is a phishing scam that contains an attached form that request the recipients' NCB online account information. If recipients submit their account information on the fake form, it will be sent to the cybercriminals behind the phishing scam, who will use the same information to gain access to their accounts. Once the cybercriminals have gotten access to the accounts, they will steal money from them and use them fraudulently. Therefore, recipients of the same email message are asked to delete it and should not follow the instructions in it.

A Sample of the "National Commercial Bank Alert" Phishing Email

National Commercial Bank Malicious Email

From: NCB Jamaica [mailto:no-reply@jncb.com]
Sent: Tuesday, February 21, 2017 1:48 PM
Subject: National Commercial Bank Alert - Action Required
Attachment: InternetProfile.html

Changes to your rates

Dear Customer,

At NCB Jamaica, we regularly review our customer records to ensure we have the most recent and up to date information.

To complete the process, we just need to verify that this email address belongs to you.

· Please find the Attached HTML Document

and follow the easy instructions

Have a question?

No worries! Call one of our Customer Service Representatives on (868) 62-FIRST (623-4778) . We're here from 8am to 7pm Monday to Friday.

Marisa Grieco
Customer Operations Manager

NCB Jamaica and most other legitimate companies will never send email messages to their customers asking them to open a HTML document in order to verify their email addresses or update their records. Therefore, recipients of unexpected or suspicious email messages with attachment ending with ".html" or ".htm" are asked to contact the organizations the email messages appear to have been sent from, in order to verify their authenticity, before they attempt to open the attachment.

Remember, although the "From" address of an email message contains the email address of a legitimate organization; it doesn’t necessarily means it was sent by that organization. There is a technique called Email Spoofing, which allows the sender of an email message to change the "From" address of an email message, to make the same message appear as if it came from someone else.

For example:

I can send an email message to a friend and change the “From” email address of the same message to "president@whitehouse.gov." Once my friend receives the email message, he/she will think the email message came from the president of the United States, when it was actually sent by me. So, never rely on the “From” or sender’s email address to determine if an email message is legitimate or not.

Note: Some of the names, addresses, email addresses, telephone numbers or other information in samples on this website may have been impersonated or spoofed.

Please share what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com

Also, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent.

If you want to quickly find answers to your questions, use our search engine.

You can help maintain Online Threat Alerts (OTA) by paying a service fee. Click here to make payment.

Comments, Questions, Answers, or Reviews
There are no comments as yet, please leave one below or revisit.

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.

Write Your Comment, Question, Answer, or Review
Write your comment, question, answer, or review in the box below to share what you know or to get answers. NB: We will use your IP address to display your approximate location to other users.
Your comment, question, answer, or review will be posted as an anonymous user because you are not signed in. Anonymous posts cannot be edited or deleted. Sign-in.

"National Commercial Bank Alert - Action Required" Phishing Emails