Anti-Phishing: KeyBank – ‘Technical services: Account Update Request’

Anti-Phishing: KeyBank – ‘Technical services: Account Update Request’

Email title: ‘Technical services: Account Update Request’
Scam target: KeyBank customers
Email format: HTML e-mail
KeyBank – Customer Care Department <keysupport.6381508.148055.0 @>
Sender spoofed? Yes
Scam call to action: ‘Technical services of the bank are carrying a planned software upgrade… We earnestly ask you to visit the following link to start the procedure of confirmation of your personal data…’
Scam goal: Getting victim’s username/password, credit/debit card information
Call to action format: URL link
Visible link: image link
Called link : h++p://
Phish website IP:


KeyBank’s customers are the new phish target. This is the first phish against them we get reported, but probably won’t be the last one. It is not a sophisticated one, but it doesn’t need it to be dangerous – this bank’s customers are probably not as vigilant as the more targeted banks’ customers.

Anyway, the message looks nice – with bank logo, spoofed sender and hidden link destination, even a ‘legal’ footer:

More in

Leave a Reply