"Suntrust Online Banking is Temporarily Locked" Phishing Scam
SunTrust Bank customers are asked to be aware of the fake email notifications like the one below, which claim their accounts have been temporarily locked. The phishing emails claim that the recipients need to click on a link in order to verify and unlock their accounts, which have been locked due to a change in sign-in location or from another device. But, the link will only take the recipients who have clicked on it, to a phishing website, looking like SunTrust Bank’s website, where they will be asked to sign-in with their account credentials. Once the victims enter their account credentials on the fake website, it will be sent to the cyber-criminals behind the scam, who will use it to gain access to their victims’ accounts, where they will steal the victims’ money and use their accounts fraudulently.
A Sample of the "Suntrust Online Banking is Temporarily Locked" Phishing Scam
From: "Accounts@suntrust.com" - accounts@suntrust.convertfoxmail.com
Date: April 22, 2018 at 3:48:16 PM EDT
Subject: Suntrust - Your Access To Suntrust Online Banking is Temporarily Locked
Reply-To: "accounts@suntrust.com" - accounts@suntrust.com
Suntrust
Did you recently change your location or sign in your account from another device? We noticed someone other than you tried to sign in your account from another device or location. For your protection, we locked this account until we confirm you own this account.
To get verified and unlock this account please visit here.
Please DO NOT change any details on this account until we send a confirmation email.
It is important for internet users to remember that they should never click on a link to sign into their online accounts, especially links in email messages. The safest way to sign into their online accounts is to go directly to their online account providers’ websites, by typing the addresses of the websites in their web browsers or using a popular search engine to find the websites.
For example:
SunTrust’s customers should go directly to https://www.suntrust.com/ in their web browsers or search for “SunTrust Bank” using a popular search engine. And, if there is something wrong with their accounts or there is something that they need to do, they will be notified right after signing in.
Recipients of the phishing SunTrust email, who have clicked on the link and have attempted to sign into the phishing website with their accounts’ credentials, should change their passwords and contact SunTrust Bank immediately.
Check the comment section for additional information, or share what you know or ask a question about this article, by clicking the 'View or Write Comment' button below.
Note: Some of the information in samples on this website may have been impersonated or spoofed.