National Commercial Bank "Important Information Your Activation is Required" Phishing Email
The email message below with the subject: "Important Information Your Activation is Required," which appears as if it was sent by the National Commercial Bank Jamaica(NCB), is a fake. The fake message is a phishing scam that contains an attached form that request the recipients' NCB online account information. If recipients submit their account information on the fake form, it will be sent to the cybercriminals behind the phishing scam, who will use the same information to gain access to their accounts. Once the cybercriminals have gotten access to the accounts, they will steal money from them and use them fraudulently. Therefore, recipients of the same email message are asked to delete it and should not follow the instructions in it.
A Sample of the NCB Phishing Email
Subject Important Information: Your activation is required
From: NCB Jamaica - no-reply@jncb.com
Attachment: InternetProfile.html
Upgrade
We previously contacted you about our recent upgrade to our online security standards. This upgrade requires you to update your user profile.
Download the attached document and follow the easy instructions
Neglecting to update your PVQs by April 27, 2017 will impact your
ability to log on to the NCB Jamaica Internet Banking.
Please do not reply to this message. For questions, please call our Customer Care Centre at 1-888-NCB-FIRST (622-3477). We are available 24 hours a day, 7 days a week.
National Commercial Bank
www.jncb.com | 1-888-NCB-FIRST
Note:
This message contains information which may be privileged. Unless you are the addressee (or are authorized to receive for the addressee), you may not use, copy, or disclose to anyone, the message or information contained therein. If you have received this message in error, please advise the sender by reply email/fax and delete/discard the message.
Thank You.
ncbjltd
NCB Jamaica and most other legitimate companies will never send email messages to their customers asking them to open a HTML document in order to verify their email addresses or update their records. Therefore, recipients of unexpected or suspicious email messages with attachment ending with ".html" or ".htm" are asked to contact the organizations the email messages appear to have been sent from, in order to verify their authenticity, before they attempt to open the attachment.
And, although the "From" address of an email message contains the email address of a legitimate organization; it doesn’t necessarily means it was sent by that organization. There is a technique called Email Spoofing, which allows the sender of an email message to change the "From" address of an email message, to make the same message appear as if it came from someone else.
For example:
I can send an email message to a friend and change the “From” email address of the same message to "president@whitehouse.gov." Once my friend receives the email message, he/she will think the email message came from the president of the United States, when it was actually sent by me. So, never rely on the “From” or sender’s email address to determine if an email message is legitimate or not.
Check the comment section for additional information, or share what you know or ask a question about this article, by clicking the 'View or Write Comment' button below.
Note: Some of the information in samples on this website may have been impersonated or spoofed.