NatWest UK clients targeted with banking scam

Bitdefender revealed a new scam used by criminals pretending to be from NatWest bank and that try to steal customers’  login informations by distributing a fake satisfaction survey via e-mail. This scam comes after the recent announcement that the NatWest ‘Get Cash’ app was closed after cybercriminals abuse.

This fake NatWest user satisfaction survey is currently hitting UK inboxes and is sent from an e-mail address which resembles the authentic NatWest address. In a twist from past fraud campaigns, the scammers try to trick the users into thinking that they will get a reward, instead of a warning to urgently change passwords.

NatWest clients are told they can win a £100 gift certificate, is they complete the form. If they follow the link included in the email they will land on a phishing page that requires their usernames and passwords. By giving away their credentials, and then their banking and credit card details to receive the reward, clients fall victim to credit card fraud or identity theft.

“Bank phishing is successful because it deals directly with the subject of cash – a subject that creates panic, joy or other strong emotions in users’ minds,” said Bitdefender Chief Security Strategist Catalin Cosoi. “An attack such as this one can spread like wildfire through a spam campaign. When users read they have won a reward or they will have their accounts deleted in 24 hours, many forget caution, and hastily give away personal details.”

In order to be stay safe from such phishing attacks, users are advised not to click on links inside email messages apparently coming from their bank or share information until they check it’s a secured web page of the authentic financial institution.