"Scotia InfoAlerts Bill Due" Phishing Scam Created by Cybercriminals

The "Scotia InfoAlerts Bill Due" Phishing Scam

From: Microsoft Outlook Calendar <no-reply@microsoft.com>

Date: Mon, Sep 3, 2018, 5:00 AM

Subject: Your Scotia InfoAlerts bill for account 3792*****151*** is due tomorrow

To: d t <IMCEAEX-Devon+2Eturner+40live+2Eca@sct-15-20-755-16-msonline-outlook-352f1.templatetenant>

Scotia InfoAlerts bill due

Credit card

Scotia InfoAlerts bill due

Account number: 3792*****151***

Due: Tuesday, September 4

Bill amount: $5,192.11

The link in the phishing email message goes to a fake Scotiabank website. Once on the fake website, visitors will be asked to verify their Scotiabank accounts by submitting their credit card information, personal information, and account credentials. If the requested information is submitted, it will be sent to the cybercriminals behind the scam. The cybercriminal will then use the stolen information to steal their victims' money and use their accounts fraudulently.

Scotiabank customers who know or think they may have been tricked by the phishing scam are asked to contact Scotiabank immediately for help.

Remember, Scotiabank will never:

• send you unsolicited emails or text messages asking for confidential information, such as your password, PIN, access code, credit card and account numbers.
• ask you to validate or restore your account access through an email or text message.