pslewis

Dear Sir/Madam,
Barclays is proud to announce their new iBank upgrade.
We have updated our new iBank SSL secure servers to give our
customers a better, faster and more secure online banking
services for the year 2006.

Due to the recent update of the servers, you are requested to
update your account using the following link:

http://ibank.barclays.co.uk..............LoginMember.do


J.S. Smith
Security Advisor
Barclays Bank PLC.

Scudy23

iTrader: (2)

If it was emailed m8 i wouldnt even bother with it..... so many tw@ts on the net trying to rip you off

Moonloops

He knows that..

Richard_P

It's not a possibiity of a scam. It is one!

Scudy23

iTrader: (2)

You guys were waiting for some plonker to responde first werent you ..lol.

Scooby-Doo

Are you sure it was from Barclays and not Mazda trying to sell you an MG

2000TLondon

Well, it's actually written in plausible English!

I've been getting them from Chase Manhattan, usually the author has the same grasp on the English language as a three year old! A poorly educated three year old at that!

fast bloke

Haven't read the link but sounds like more new labia stuff?..... people trying to rip you off?

pslewis

Thats right ......... people only starting ripping other people off when New Labour became the most successful government in living memory

Pete

GrahamG

I like the way you were contacted by the Security advisor. they are taking the ****! Bloody Nigerians!!!

douglasb

Your Alzheimers is kicking in again,Pete.. You were reminded a couple of days ago just how unsuccessful your hero Tony and his cronies are.

Crapaud62

Not sure if this is a double bluff by PSL but the link IS a genuine Barclays link.

If you actually go into the link without the ....... it takes you to the main site.

Am I missing an "in joke" here?

Now if it has been sent to a non-BArclays customer then agreed that is a security issue.

NB did I mention that I work for Barclays Compliance Dept?

Would be very interested in exact email address of sender of message to PSL and full web link given without the .......

PSL, please pm if you wish. (Unless you were just trolling and I've bitten cos it is early in the morning). I can soon find out who J S Smith is but I doubt very much he is Nigerian.

Chris L

It's not genuine - they could have easily ripped the graphics and layout from the official site.

The give away is in the URL posted up. The message says they are using SSL (which is a form of secure encrypted connection), yet the URL starts 'http', when it should be 'https' ('s' as in 'secure'). Goto the official Barclays site and click 'logon' for their online banking service and you'll see what I mean.

Chris

Peanuts

iTrader: (15)

must be pretty good then to catch out a Barclays employee!

scooby_matt

I been getting these type of emails from Barclays for months now. Just recently started getting them from the Halifax. I've never banked with either

Chris L

We do a lot of social engineering attacks (I work for an IT security consultancy) - we've even gone as far as to do build fake websites and register similar looking domain names - you'd be amazed at how easy it is to be fooled by this stuff. 99% of people simply don't know what to look for and are far too trusting. Never let anyone tell you that IT security is a technical issue - it isn't - it's a people issue

stevencotton

Too right, I've even been the 'mark' of a social engineer calling me up and
asking me questions about things he shouldn't have been asking, gave a false
name and number when I asked to call him back, quite amusing

Chris L

It wasn't me honest

Crapaud62

Chris L and others

Interesting

When I cut and pasted the original link as shown on PSL's post it obviously doesn't open due to the ........

When I edited it back to just the http://ibank.barclays.co.uk and then hit enter again it then takes me to the httpS site of "Barclays". It then defaults to the Barclays site login at https://ibank.barclays.co.uk/olb/q/LoginMember.do
which appears to be the same as what PSL posted apart from it shows as https rather than http.

Now I'm confused?

Could be because:

It was early in the morning and was not fully awake or

I had the "real" Barclays sites already open on other windows on my PC, or

I'm a stupid **** who knows nothing about websites and hence I worked in Compliance and not IT

HOWEVER, if you follow the link above and click on the "online security" it opens another window. This window is "only" http but includes examples of scam emails including ones coming from J S Smith Security Advisor.

I would be very interested if the IT experts on here could explain to a non IT muppet like me how this appears to fluctuate between obviously fake sites and sites that appear, with the https prefix, to be genuine?

Why would a scammer include an example of his own scam emails???

Part of the problem is that Barclays recently changed the whole appearance of their online banking but didn't think to tell any of their customers. Consequently, they were flooded with calls asking if the new version was genuine as nobody recognised it and many people were suspicious. Barclays got fed up of telling everyone that the site had been changed and it was all OK. Obviously, some enterprising IT geek/nigerian/scammer probably realised that this was a great opportunity to take advantage of Barclays dreadful IT change management?

For a lay man, what is best way to interrogate a web site to test its validity?
The https is obvious but as noted above, this one defaulted to that prefix.

Chris L

I would have to have a look through to be sure - from what you've said. Simple rule of thumb is that no financial organisation will ever send you an email request to input or change both your username and password in this way. Treat EVERY email you receive like this as dodgy and delete them.

Mungo

Who haven't been known as that for about 5 years!

Scooby-Doo

It is quite easy for the address in the address bar to be fake and you are actually taken to an alternative site that has no connection with the address in the address bar. Even if it says www.barclays.com you are probably going to www.givemeallyourmoney.com Never goto a financial website from a link ALWAYS type it in.

Trout

iTrader: (1)

I have had dodgy emails that have links that 'look' right and if you cut and paste them take you to the original and genuine site. However the 'hyperlink' in the actual email takes you to the dodgy site.

It could well be that PSL cut and paste and so it is taking you to the genuine site. I had exactly the same thing when I pasted an PayPal dodgy mail on here - when people went to look it went to the PayPal site. In the email it did not

Always type the link in yourself - the PayPal clone was perfect - except it wanted just too much information.

I love to fill in details including addresses of DisneyWorld and InYourDreams as well as well chosen Celtic and Saxon words!

pslewis

I cut and pasted the e-mail content in full as I received it. I removed the central part of the URL only (to stop anyone clicking on it and being directed to the site - if anyone on here is like me, you will have numerous windows open - someone may have been online banking with Barclays, I didn't want them getting the wrong window and compromising themeselves)

But I certainly did not alter the URL other than deleting a central section.

Pete

SJ_Skyline

I would close them now Pete, it's cold outside and we wouldn't want you catching a cold in your frail condition.

ChrisB

That's rife for a cross site scripting attack then.

Crapaud62

Whats one of them then??

As I said I did have several other windows open including genuine Barclays online ones.

Thanks for sensible reply PSL.

pslewis

Normal Service

Pete