Phishing emails impersonating banks are very common, this is likely because Banks are custodians of financial assets and many like First Bank have a large customer base (above 10 million). So for the scammer this presents a unique opportunity in terms of numbers and pecuniary benefits to get returns on investments made in time and logistics.
The Screenshot below shows a recent Phishing email impersonating First Bank Nigeria. The goal of this Phishing email is to steal bank credentials and subsequently the victim’s money.
Phishing Red Flags
The first place to begin with evaluating the authenticity of any email is with the sender. Here we see the sender’s domain address is a look alike to that of First Bank (firstbanknigeria.com). Knowing this is a fraudulent email, we should ask how this is possible. What you are seeing is a rather common method of electronic
impersonation called “spoofing.” Spoofing happens when a sender of an email makes a mail they sent look like it came from someone else. Hence, you should not trust the sender’s address you see on any mail, as this can be doctored.
Another important observatory point to note is the receiver’s email address. Here we see that it is sent to “Recipients.” This is where we should put on out thinking caps and ask more questions. If your bank wanted to inform you that your token, or ATM card was expiring would they send the mail to so many people? The answer is no! Typically, the mail should be come to only you but here we see that it was sent to a lot of people.
The above point leads us to the next red flag in the mail, it is not personalized. You can observe it starts with “Dear Customer.” If your bank is sending you a mail about an issue surely they would begin by addressing the mail with your name or refer to you with your name at some point in the email. Since this was sent out to a lot of people the scammers couldn’t personalize it to the recipients.
The next thing we can observe in this email is that it uses fear to try to get the receiver to take an action. The email makes a bogus claim that the receiver’s token will soon expire and they would consequently loose access to their funds.
Critical Thinking to the Rescue
Here, as before, pausing to think is important. Tokens do not have an expiry date and an account cannot be frozen because of a token.
Also, make it a habit to pause when you receive any email asking you to click on a link. During the pause ask yourself the following questions:
- Does this email come from someone or an organization I know?
- Was I expecting this email?
- Do the contents and the actions I am being asked to perform by this email make sense?
- Does the email employ emotional tactics such as fear, greed, and/or curiosity?
The answers to these questions can aid you in flagging an email as malicious or genuine. Finally, if you have an online account or profile on the service, login and see if you have any notification concerning the email sent to you. For instance seeing a notification
on your First Bank online portal concerning an issue in which you have just received a mail, further authenticates the email as genuine.