Phishing attempts over text messages are becoming more prevalent. I received an SMS text message that contained a phishing attempt for a Canadian Bank. The message implied that I have received a new notification with this bank and I should visit the provided link. I usually do not click on any links, but I decided to see what would happen when I navigated to the page. 

TD – Phish Text:

The Fake TD Login Page

The fake login page looks very similar to the one that is displayed when you load the real TD web site. The text on the bottom of the fake login page was an exact copy from the real TD login page. The main difference was that the fake site was not functional and only offered the fake login form. If you tried to request any other page, the browser would report an issue with the fake web site. This seemed like an attempt to keep potential victims trapped on the current page. I hope that would have raised a red flag for potential victims.

Fake TD Login:

Real TD Login:

The Scam

This scam is similar to previous bank scams in that it just captures all the input that is passed into the provided fields. Once all the required data is captured the fake web site redirects victims to the real TD login page. This allows any victim the ability to log into their bank account.

This part captures the bank card/access card and the password.

The next part of the phish was to get a customer to send their verification code to them. This is so the scammer could just log into the account without requesting a pin or bypassing the code.

This part ensures that the scammer gets the correct card number. (Read more...)