Analysis by: Neil Yves Pondo

Cybercriminals are constantly thinking of elaborate schemes to trick users into giving up their information. We spotted a phishing email that pretends to be from the Philippine bank China Bank. A supposed security advisory, the email informs users their account has been locked and they need to contact technical support to unlock the account. A link is provided so that users can contact support immediately.

Upon clicking the link, users will be directed to a phishing site that looks similar to the official China Bank website. This phishing page first asks for the username and password.

Fake login page

Afterwards, users will be directed to another page that asks for more sensitive information, such as phone numbers and email addresses. Should users proceed, they will be directed to the legitimate China Bank site.

Redirected phishing page

Users are advised to proceed with caution when dealing with these types of email. To address major concerns, it’s best to contact the bank directly through phone or even through a personal visit to a branch. Be wary of clicking links in messages, especially if they are related to financials.

 SPAM BLOCKING DATE / TIME: September 29, 2013 GMT-8
  • ENGINE:7.0
  • PATTERN:0184