Another Philippine-based bank is being used in a phishing attack that was seen by Trend Micro researchers. The email message asks recipients to check their Philippine National Bank (PNB) online banking accounts for suspicious activity. When recipients click on the links that supposedly leads to personal and corporate PNB online banking sites, recipients are led to a phishing page that resembles the PNB online banking site:
On the phishing page, users' online banking credentials are stolen when they input user name and password on the form found in the said page.
Trend Micro highly advises users to refrain from clicking links found in email messages. For PNB customers, ensure your account's safety by directly accessing the legitimate PNB online banking site. Type the address on your browser's address bar, or access the site via bookmark. Remember that most banks do not encourage customers to verify account by clicking any link in an email.