SunTrust Bank customers are asked not to follow the instructions in fake email messages like the one below, which claim that their email addresses have changed and they should click the links in it to view a so-called secure message. This is because the link will only take the recipients who have clicked on it, to a phishing website, looking like SunTrust Bank’s website, where they will be asked to sign-in with their account credentials. But, once the potential victims attempt to sign into the fake website, their credentials will be sent to the cybercriminals behind the scam, who will use it to gain access to their victims’ accounts. Once the cybercriminals have access to their potential victims' accounts, they will steal their money and use their accounts fraudulently.
One of the "Suntrust Your E-Mail Address Change" Phishing Scams
From: "Suntrust" <firstname.lastname@example.org>
Date: July 12, 2017 at 4:10:07 PM PDT
Subject: Re: Your E-Mail Address Change
Greetings from Suntrust!
To view your secure message on our website, simply follow these steps:
1. Log on to your account at Suntrust.com
2. From the My Accounts dropdown, choose Messages.
3. Select the message regarding your address.
Thank you for banking with Sunturst Bank
It is important for Internet users to remember that they should never click on a link to sign into their online accounts, especially links in email messages. The safest way to sign into their online accounts is to go directly to “https://www.suntrust.com/” in their web browsers or search for “SunTrust Bank” using a popular search engine. If there is something wrong with their accounts or there is something that they need to do, they will be notified right after signing in.
Recipients of phishing SunTrust emails like the one above, who have clicked on the link in them and have attempted to sign into the phishing website they were taken to with their accounts’ credentials, should change their passwords and contact SunTrust Bank immediately.