Metrobank Phishing Scam Found

 Analysis by: Jude Israel Bordallo

Trend Micro received samples regarding a phishing attack that uses Metrobank, a banking organization in the Philippines. The message, purporting itself to be an official one from the aforementioned bank, informs the recipient that their account's security validation has expired and requires updating. It then provides a link for the user to do just that.

Should the user go ahead and click the link provided, then they will be led to a phishing page tailored to resemble Metrobank's online banking login page, complete with form fields for customer ID and password. Entry of the details requested at this point would then redirect the user to the bank's official home page, and it's a safe assumption that the details themselves have been stolen.

Users should take extreme caution when dealing with mails such as these. Always double-check the details of the message itself, from the body of the text to the information about the sender. Confirming directly with your bank through other means, such as through hotlines, should also help. Users can never be too careful, especially when sensitive banking information is concerned.

 SPAM BLOCKING DATE / TIME: March 06, 2012 GMT-8
 TMASE INFO
  • ENGINE:6.8
  • PATTERN:8754