[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Thursday, 25 March, 2004, 15:36 GMT
Britain sees surge in 'phishing'
Bogus emails
High Street banks have been targeted
UK bank customers have been warned they may be targeted in a new wave of "phishing" scam emails.

The Association for Payment Clearing Services (APACS) has told BBC News Online it is worried by a surge in phishing scam emails in recent days.

Customers of some of the UK's largest banks are being targeted, APACS said.

Phishing scamsters pose as a bank to request personal details as part of a bogus "security check". The crooks then use the details to empty accounts.

Pulling the plug

Internet users have to tread very carefully and take strict precautions when receiving an email purporting to be from their bank
Tom Salmond, APACS

Phishing has been used by fraudsters and organised crime to get customer bank details.

In the past, customers of many of the UK's major High Street banks such as Natwest, Barclays and Lloyds TSB have been targeted.

Banks and the National High-Tech crime unit are working around the clock to close the phishing sites but customers need to beware APACS warned.

If the customer falls for the email scam and enters their details, the scamsters can empty their account or use it to launder money.

APACS said that it had noticed a surge in phishing activity after a period of relative quiet.

A phishing site
A phishing site doing the rounds

The new wave of phishing websites are proving difficult to shut down as operators are hopping servers as soon as banks and law enforcement agencies get close to pulling the plug.

"Since the weekend we have been aware of a surge in phishing activity. Internet users have to tread very carefully and take strict precautions when receiving an email purporting to be from their bank," Tom Salmond, spokesman for APACS told BBC News Online.

APACS reiterated its warning to consumers that they should not respond to emails asking them to enter their bank security details unless they have called their bank first via an advertised number.


Your comments:

It is important to note that some of the comments made below are about replying to bogus bank emails by going to the site and putting in fake details. Now, much as this may seem like fun and you feel like you are getting your own back, when you actually visit the link mentioned in the email it is entirely likely that it will put some spyware on your computer, including keyloggers. This then sends all this information to them on a regular basis, including when you really do go to your bank and enter your real details. The only real action is DELETE THE EMAIL and never go to the sites mentioned. And yes, I do work for a Spam/Internet Filtering company.
Fraser Larcombe

This is my office e-mail address and I have received requests from Barclays and Lloyds TSB for my account details to enable them to update their systems. I obviously do not respond to these, but they are now using the bank's logo's on their e-mail making them look even more authentic.
Alan Gilder, Gt. Yarmouth, England

I get these all the time. They look quite credible, especially as the domain names usually include the banks name. This should be better controlled by the domain registration authorities, after all, what legitimate reason would there be to register the name of a high street bank, if it is not a scam ?
Tim Collyer, Worthing UK

Ebay threatening to close my account unless I resubmit my security details for "verification purposes". Cheeky email, asking not only for my user name and password but also my credit card number and PIN. And in case I didn't know what a PIN was, it reminded me it's the number I use at a service till to withdraw money when using my card!!
Tony, Enfield, UK

If I have some spare time I visit the scam website and enter false details. If lots of people gave them false details they would be overwhelmed with failed transactions.
Gary, Edinburgh UK

I received an email appearing to be from my bank with a link to the bank's web site. I followed the link, logged in to my account, and suddenly realised the email and web site it linked to could have been bogus. Fortunately it wasn't. Genuine banks should not send emails with links to their sites - because fraudsters could replicate those emails and web sites and you could end up inadvertently providing your details on a phishing site.
Steve, Windsor, UK

More worryingly, I have received what I know to be a genuine email from a major online bank, which had been sent via a third party company, and invited me to visit a URL which was not at the normal domain. In this case the URL in question redirected to the genuine banking site, but it wouldn't be hard to construct an email which looked just as authentic, and directed customers elsewhere to a copy of the banking site.
Robert Whittaker, Cambridge, UK

I have had two in the last week from Lloyds TSB. I knew they where scams, even gave a link to the website, but it only had 1 'L' in Lloyds. They had copied the entire original website! and created a page to enter all your details on. The problem is, is that domain registration is now fully automated, and so you can register anything and get web hosting without a single real person being involved.
Tony, London, UK

I get these sorts of e-mails every day. The spelling mistakes are a giveaway for a start. I think anyone who gives their bank details to anyone who asks for it deserves to be ripped off.
Julian Corner, Whitby, England

Tony from Enfield - that wasn't Ebay asking for your account details! Apparently it's easy to change the "from" address on an email to make it look like it came from someone legitimate
George Warwick, Halifax

I've had a few emails and phone calls that always seem to want something "for my security". People calling me from a "Number Withheld" line don't seem to respond well when I ask them to prove their own identity. The most transparent scam I ever got was an email from the bank asking me to visit their site and update my details - it was obviously a scam because I didn't even have an account with the bank in question.
John B, UK

I've received a number of these, purportedly from Lloyds TSB, Barclays and PayPal. Like Gary from Edinburgh, if I have enough spare time I tend to visit the sites and give the phishers some "phony phish phood".
Michael McConnell, Basingstoke, Hampshire

No reputable bank (or even e-bay) should ask for your full details (and never give your PIN to anyone, no matter who they are!) If you get this request, go to the official site (i.e. not using links) and call someone first. Don't make it easy for these criminals to take our hard-earned cash We all have a responsibility to safeguard ourselves and our assets.
Susan Richards, Maidenhead, Berkshire




SEE ALSO:
E-mail scam hits MBNA customers
25 Feb 04  |  Technology
How to avoid the phishing bug
23 Jan 04  |  Technology
E-mail scam targets Nationwide
27 Oct 03  |  Business
E-mail scam targets online bank
26 Oct 03  |  Business
Scam targets NatWest customers
24 Oct 03  |  Business


RELATED INTERNET LINKS:
The BBC is not responsible for the content of external internet sites


PRODUCTS AND SERVICES

News Front Page | Africa | Americas | Asia-Pacific | Europe | Middle East | South Asia
UK | Business | Entertainment | Science/Nature | Technology | Health
Have Your Say | In Pictures | Week at a Glance | Country Profiles | In Depth | Programmes
Americas Africa Europe Middle East South Asia Asia Pacific