I don’t know whether this is a new development to phishing emails since I always ignore such messages in my Spam folder but users of Internet banking services should be aware that phishers may be getting more ingenious.
Is this a new type of phishing emails? Over the past few days, I’ve been noticing more of such emails landing up in my inbox instead of the spam folder. Curiosity finally got the better of me.
Like I said, the phishers are getting more ingenious. Not only are they requesting people to click on a link in their email, which would take the unsuspecting person to a spurious login page where they can then harvest their prospective victim’s username and password, they now attempt to add an additional layer to their modus operandi by asking their victim to pre-request for a TAC from his bank.
It’s both a scare tactic and an attempt to make the victim believe that he is really dealing with his bank. After all, which bank does not ask for the TAC nowadays before a customer can do an online transaction?
So be warned; don’t ever fall for this new trick. The only safe way of logging in to your bank is by typing the URL into the webpage. The traditional safeguard still holds true: never, ever log in from any link that you find in an email, no matter how real it looks to you.
Note: TAC stands for “Transaction Authentication Code”. This is a second layer of protection that banks should provide to their Internet banking customers in addition to the username and password. It is a secret six digit code generated by the bank’s system and sent by SMS to the customer’s mobile number that was pre-registered with the bank during the Internet banking registration process.