It seems like the scammers are working extra hard nowadays with the economic uncertainties and stuff. Oh wait, even if there is no economic uncertainties, there would still be scammers. You know, the type that always wants the easy way out. You disagree? Scamming is hard work? Well, IF you say so.
Previously its the Maybank Phishing Alert and now its the CIMB's turn. Received an email from fake CIMB Group which is similar with the email received from fake Maybank Group previously trying to get user name, password and the TAC code. By the way, CIMB is a bank based in Malaysia.
CIMB Phishing Email
How to identify phishing email? Most of it are covered in the Maybank Phishing Alert post. Go have a look if you want to know more. Here, I am going to just show the CIMB Phishing email and how to do a simple inspection thus becoming instant Sherlock Holmes yourself. Elementary my dear Watson.
The best is to remain a bit skeptical at all times and as mentioned before, don't log in using email links or even click on email links. Try copy and paste would be the best way because more than often, there will be hidden link. To check whether hidden link exists, move your mouse cursor over the email link and you can see the hidden link at the browser status bar.
Again, with the risk of being scammed, yours truly go through with the scam process by clicking on the phishing link. Yours Truly am very the good and considerate. =p
The fake website is almost identical with the original website but there are some differences. See for yourself.
Yours Truly go along with the scam and continue with the process hence entered the User ID and Password. It's authentic mmmkay. If you really wanted to know. My user ID is sendmeonemillion and the password is fuckers. Go access my account now. Go.
After that, it asks for the TAC code. There is error validation somemore for insufficient numbers.
Log In page
Fake TAC verification
If up until this stage and you completed the process, you can start to worry now since the scammers have your information. The thank you page is created to thank you for your money.
Quickly change your password or even call up CIMB to alert them regarding the phishing attempt.
Thank You for your money
There you have it. Remember not to click on email links. Spread the awareness to prevent getting scammed since there are still lots of people getting scammed.