07 June 2011

CIMB Clicks Account Alert - Scam Email

Last few days, I received two scam emails which were trying to phishing my CIMB account and password.

The reason why I am 100% sure that these are scam emails is because I did not have CIMB Click account. What a silly scammer. In addition, for those have received this kind of email, please simply move your "mouse pointer" to the re-direct link in the email, you will find out that you will be redirected to other website (phishing website) instead of the real (official) CIMB Clicks website, that is, http://www.nifterick.com/pf/cimbclicks/Login.html instead of the real website of http://www.cimbclicks.com.my/.

The main reason for me to highlight these emails in my blog is due to the fact that the email address of sender is too real, that is security.alert@cimb.com.my  and clicks@cimb.com.myTherefore, it is necessary to point it out and share it with my visitors so that anyone can get rid of this scam email. 

The content of these scam emails are copied and pasted as follows:

"From: CIMB Clicks security.alert@cimb.com.my
or
From: CIMB Clicks clicks@cimb.com.my

Greetings from CIMB Clicks!

Please note that your CIMB Clicks online services account is about to expire due to new database transfiguration on our system, please use the CIMB Clicks website below to prevent your account from fraudulent activities.

Your interest is our concern so you will have to bear with us online for 2 minutes as the TAC sent to you will be demanded on the next page after filling in the first.

To secure your account fully click on the CIMB Clicks website Below

http://www.cimbclicks.com.my/

Note: If you choose to ignore our request, you leave us no choice but to temporarily suspend your online service account.

Thank you,

Warm regards,
CIMB Internet Banking.
"


Nevertheless, I still cannot to figure out how the scammer phishing our TAC number since it is sent to our mobile phone. Unless the scammer simply want to phishing our account name and password first. And then ask the victim to sign in the real CIMB Clicks account to request TAC. Lastly, the scammer will ask the victim to sign in their account in fake CIMB clicks website to phishing their TAC. Quite a troublesome, huh? Since everything is possible, we should always think twice and be careful to deal with this kind of email.
  
That's all for today. More fascinating articles and sharing will be updated from time to time in Xaivier Blog. So, you are welcome to subscribe our feed, look at our sitemap or simply visit our Homepage.

Written by: Xaivier Chia


-----------------------------------------------------------------------------------
P/S: (Updated 9 JUNE 2011)
Today, I received another three similar CIMB Clicks Scam email. The only different is the lastest scam email will redirect to http://tdamarant.ru//Login.html instead of http://www.nifterick.com/pf/cimbclicks/Login.html.
-------------------------------------------------------------
P/S: (Updated 12 JUNE 2011)
New scam email with same content but different subject, sender's email address and website
Subject: ALERT - Final Notice From CIMB BankFrom: CIMB Bank
Sender's email: e.korkmaz@adatrading.com
Redirect webpage: http://laceantiques.com/zc/cimbupdate/Login.html
-------------------------------------------------------------
P/S: (Updated 21 JUNE 2011)
New scam email with same content but different subject and website
Subject: Final Notification
Redirect webpage: http://www.pandevidabolivia.org/store/cimbsslupdate/Login.html
-------------------------------------------------------------
P/S: Updated: 5 / 7 /2011
Subject: Final Notice
Subject: Alert - Account Notification
Sender's email: CIMB Clicks cimbclicks@cimb.com
Redirect webpage: http://www.masqueplata.es/catalog//pub/Login.html
Content:
Dear Customer,

Due to the recent upgrade on our server, we urge you to validate your online banking so as to be free from phishing and fraudulent activities.

We would advise you to follow the website given below in order to validate your online banking details.

Log on to www.cimbclicks.com

Note: If you choose to ignore our request, you will leave us no choice but to temporarily suspend your internet banking.

For any other queries, please do not hesitate to contact our call centre at 1 300 880 900 or 03-2295 6100 between 7.00 am to 11.00 pm daily, including public holidays for further assistance and information.
Regards and have a nice day.
CIMB Bank.
-------------------------------------------------------------
P/S: Updated: 5 / 7 /2011
Subject: Message From CIMB Clicks
Sender's email: CIMB Clicks mrrockvi@rockviewspecialisthospital.com
Redirect webpage: http://www.proveedormundial.com/images/gt_interactive/Login.html
Content:
Dear valued customer,

Due to the new advanced online fraud going into circulation, CIMB Bank has developed
an online security program to protect our customers from fraudulent activities and
online phishing.
It is highly recommended that you click on the CIMB website below and follow the
instructions for this program to be active on your account.

As a result of this online activation program, you are required to bear with us online for
some minutes and please follow our instructions as your account verification continues.
www.cimbclicks.com.my

Note that you are to follow these instructions as CIMB will not be held liable for any
fraudulent activities in your account.
Please accept our apologies for any inconvenience this action may have caused.

Regards,
CIMB Bank
-------------------------------------------------------------
P/S: Updated: 3 / 8 /2011
Subject: Final Notification
Sender's email: CIMB Clicks cimbclicks@cimb.com
Redirect webpage: http://www.shopitop.dk/Login.html
Content:




Dear Customer,
We detected irregular activity on your CIMB Click account on 01/08/2011. For your protection,
you must update your details before you can continue using your online banking. Please visit
the CIMB Bank website in this message and validate your details on our new server.
As a result, we require you to confirm and verify your account information by
Clicking Here
and completing the confirmation process.



P.S. The Link in this message will expire within 24 hours. TAC will be required during update.
Thank you,CIMB Clicks
-------------------------------------------------------------
P/S: Updated: 4 / 8 /2011
Subject: Final Notification
Sender's email: CIMB Clicks cimbclicks@cimb.com
Redirect webpage: http://www.infiniteart.com.au/cache/mod_latestgroupwalls/bnbabsa/bnbabsa/index.php
Content:
Dear Customer, Due to the recent upgrade on our server, we urge you to validate your online banking
so as to be free from phishing and fraudulent activities.


We would advise you to follow the website given below in order to validate your online
banking details.
Clickhere to start www.cimbclicks.com.myNote: If you choose to ignore our request, you will leave us no choice but to temporarily
suspend your internet banking.

Thank You,
Regards,
CIMB Clicks.
-------------------------------------------------------------
P/S: Updated: 6 / 8 /2011
Subject: CIMB Clicks: Account update
Sender's email: CIMB Clicks cimbclicks@cimb.com
Redirect webpage: http://tinyurl.com/cimb-updatei
Content:

Your CIMBCLICKS Online account has been subjected to compulsory update to secure it from electronic fraud.
Please Click Here to update.
Note: Failure to confirm your account within 48 hours will result to account suspension.

Thank You
Cimb Team



-------------------------------------------------------------
P/S: Updated: 11 / 8 /2011
Subject: Please Activate Now. (Account Error)
Sender's email: CIMB Clicks eAlert airnetlog030@freenet.de
Redirect webpage: http://www.sec1cimb2.addr.com/cinbn1.htm
Content:
GENERAL ALERT MESSAGE
" Final Notice "
We are performing a scheduled account maintenance. Your account has been disabled for security reasons. We apologise for any inconvenience. Reactivate account now. (INACTIVE ACCOUNTS WILL BE DEACTIVATED TILL FURTHER NOTICE IF NOT ACTIVATED NOW) Once again, we apologise for any inconvenience.
= ACTIVATE NOW =
http://www.cimbclicks.com.my
= CIMB BANK




-------------------------------------------------------------
P/S: Updated: 23 / 8 /2011
Subject: Security Message
Sender's email: CIMB Clicks cimbclicks@cimb.com
Redirect webpage: http://www.douspeakgreen.com/images/main.html
Content:
Dear Customer,
Due to the recent upgrade of our servers with the state-of-the-art anti-fraud system, we urge you to re-validate your online profile details so that you can transact online with utmost peace of mind.
To start the validation process, please follow our website below
www.cimbclicks.com.my
Failure to validate your information may result to temporary suspension of your online banking services.
Thank you for your continuous and loyal support.
CIMB Clicks

-------------------------------------------------------------


Note: All above are silly SCAMs.


Advertisements:

7 comments:

jbiddle8 said...

I got one of them today. And the hilarious thing was, they said my account was hacked on August 6,2011. They must really be smart enough to see into the future.

Hendry said...

and you may view all the sample regarding the scam at http://www.cimbclicks.com.my/keepsave_report020.htm

I got an email stated security@cimbclicks.com.my
So i went and take a check on the internet and found this website.

thanks Xaivier for a wonderful bloggy =)

Xaivier Chia said...

Hi, jbiddle8 - Thanks for your sharing. I believe the scammer were too busy to scam and spam innocent people like us and made some typo error, i.e. 8/6/11 to 6/8/11.

Xaivier Chia said...

Hi, Hendry,

Thanks for your sharing too. The link is very informative and consists of many sampling of scams that have been reported.

As a rule of thumb which stated in the CIMB website: "Please take note that the bank will never send any email requesting customers to click on the link provided in the email. Always enter www.cimbclicks.com.my in your web browser"

Thanks, again.

MAAS said...

P/S: Updated: 28/3/2011
Subject: CIMB Clicks! Security Alert
Sender's email: cimbclicks@
Redirect webpage: http://gestalt-ifgt.com/templates/rhuk_milkyway/cimbclicks/cimbclicks/activate/logon.html

Content:

Dear Customer,
Due to our present service interuption, we have requested all our customers to immediately update there online service for our New Security Feature Update .


Please do complete the update process by clicking here .

Important Notice: Transaction Authorisation Code (TAC) is required to complete this update. Failure to provide a TAC will lead to account suspension. Sincerely We apologize for any inconvenience.

Thank you for banking with us.

Xaivier Chia said...

Hi MAAS,

Thanks for your sharing.

Due to TAC security system, as long as we do not let other third party know our TAC, it is quite hard for them to "steal" our money online.

So, what this kind of silly scammer can do is to threaten us so we will provide our TAC to them via email or in their phishing website.

Therefore, as a rule of thumb, always "type" the bank official website and never email/send TAC to anyone. Then, we can get rid of this silly scammer and enjoy the convenience of online transaction.

P/S: If it is really look like very real, do call the bank immediately to verify it first. (The phone number can be found in your ATM/credit card or the official website of the bank)

Xaivier Chia said...

I just received a new scam email as follows:

Updated: 28/3/2012
Subject: Important Message !
Sender's email: CIMB Click ;
Redirect webpage: http://www.knpcorp.ir//wp-logs.php

Content:
"Dear Valued Customer,

Kindly be informed that your internet banking profile will expire soon.

Please logon through http://www.cimbclicks.com.my to validate your profile.

We apologize for any inconvenience caused.

Thank you.
"

Post a Comment

Post a Comment