Anti-Phishing: KeyBank – ‘Technical services: Account Update Request’

Anti-Phishing: KeyBank – ‘Technical services: Account Update Request’


Summary
Email title: ‘Technical services: Account Update Request’
Scam target: KeyBank customers
Email format: HTML e-mail
Sender:
KeyBank – Customer Care Department <keysupport.6381508.148055.0 @ ebusiness.keybank.com>
Sender spoofed? Yes
Scam call to action: ‘Technical services of the bank are carrying a planned software upgrade… We earnestly ask you to visit the following link to start the procedure of confirmation of your personal data…’
Scam goal: Getting victim’s keybank.com username/password, credit/debit card information
Call to action format: URL link
Visible link: image link
Called link : h++p://www.parisharm.com/cgi-bin/
Phish website IP: 66.206.7.127


E-mail


KeyBank’s customers are the new phish target. This is the first phish against them we get reported, but probably won’t be the last one. It is not a sophisticated one, but it doesn’t need it to be dangerous – this bank’s customers are probably not as vigilant as the more targeted banks’ customers.


Anyway, the message looks nice – with bank logo, spoofed sender and hidden link destination, even a ‘legal’ footer:



More in Anti-Phishing.org

Leave a Reply