Friday, October 10, 2008

CIMB Phishing Alert

It seems like the scammers are working extra hard nowadays with the economic uncertainties and stuff. Oh wait, even if there is no economic uncertainties, there would still be scammers. You know, the type that always wants the easy way out. You disagree? Scamming is hard work? Well, IF you say so.

Previously its the Maybank Phishing Alert and now its the CIMB's turn. Received an email from fake CIMB Group which is similar with the email received from fake Maybank Group previously trying to get user name, password and the TAC code. By the way, CIMB is a bank based in Malaysia.

CIMB Phishing Email

How to identify phishing email? Most of it are covered in the Maybank Phishing Alert post. Go have a look if you want to know more. Here, I am going to just show the CIMB Phishing email and how to do a simple inspection thus becoming instant Sherlock Holmes yourself. Elementary my dear Watson.

The best is to remain a bit skeptical at all times and as mentioned before, don't log in using email links or even click on email links. Try copy and paste would be the best way because more than often, there will be hidden link. To check whether hidden link exists, move your mouse cursor over the email link and you can see the hidden link at the browser status bar.

Hidden Link

Again, with the risk of being scammed, yours truly go through with the scam process by clicking on the phishing link. Yours Truly am very the good and considerate. =p

The fake website is almost identical with the original website but there are some differences. See for yourself.


Yours Truly go along with the scam and continue with the process hence entered the User ID and Password. It's authentic mmmkay. If you really wanted to know. My user ID is sendmeonemillion and the password is fuckers. Go access my account now. Go.

After that, it asks for the TAC code. There is error validation somemore for insufficient numbers.

Log In page

Fake TAC verification

Error Validation

If up until this stage and you completed the process, you can start to worry now since the scammers have your information. The thank you page is created to thank you for your money.

Quickly change your password or even call up CIMB to alert them regarding the phishing attempt.

Thank You for your money

There you have it. Remember not to click on email links. Spread the awareness to prevent getting scammed since there are still lots of people getting scammed.


  1. that is really dangerous..good post to make others alert to this matter

  2. Hahahahahaha...going through all that to make a blog post. :P

    But at least people are warned. :D


  3. TNH: Yeah, sharing is good.. Spread the awareness so to speak... =p

    宝茹: Always at my readers' service... =p


Leave Yer Revelations