We have known for decades that many bank emails are fake, designed to steal data, scam or install viruses and keyloggers. Unfortunately, scammers are getting smarter every day, needing special attention.
Recently, I wrote an article about supposed hacks that hacked your computer asking for ransom in bitcoins. This time I want to talk about how these scams are reaching levels that even fool computer experts.
If you are already aware of email scams, probably the first thing you do is look at the sender of the email, but I want to make it clear in this article that this is not enough. Nowadays scammers are able to send original e-mails from bank domains.
Glossary of Article Terms
In this article I want to teach you how to avoid and identify email scams. Maybe you are a layman with internet, for that reason I will leave below a small glossary that summarizes some words mentioned in the article.
Domain - Refers to the URL or Link of the website. For example, the domain for this website you are reading is [kevinbk.com]. The domain of famous banks are [paypal.com] or [itau.com.br], if you are on a website with links other than this, it is probably fake.
Links - They are addresses of the websites you enter or access. Links are like domains, but have longer paths that lead to a particular page. Pay close attention to the words on the link to see if they are authentic.
Why am I writing this article?
Today I opened my email and came across the following message:
The first thing I looked at was the sender. I noticed that the sender belongs to the bank's original domain “itau.com.br“. So for the first few seconds, I didn't suspect the scam; I even wanted to send an email to my manager asking about the issue.
I usually see that some of these emails, even though they belong to the original sender, have some dots in the recipient that indicate they are fake. Usually disguising the name with an email, or using other recipient fields.
As this had none of that, then I started to consider it as true. I only suspected the font color of the button Accessing the Itaú Portal and also the text and the i-token tariff that personally, it doesn't make sense to exist.
I discreetly suspected the links present in the email. I noticed that it directs to domains that don't make sense. The link, besides being huge, redirected to a fake domain itau-requerimento.com and itau-internetbankinggo.com;
How do I know if an email is real?
As already mentioned in my previous story, I will make a list or checklist of steps to identify whether an email is fake or not. If you have any questions about the terms mentioned in the article, read the glossary at the beginning of this page.
- see the domain who sent the email, is it reliable?
- See if there is any indication of e-mail being forwarded or with many recipients;
- Make sure the colors and fonts are really the same as in official emails;
- Check that there is no image with descriptive texts of the company pasted in the email;
- Check the domain of the links present within the article;
- Pay attention to the content of the email;
No bank or company sends emails saying that your account is going to expire, that you need to update something, or that you need to pay a fee, most of the time this is all fake. Pay attention to the content of the emails.
If you start to believe certain content in the email, visit the website directly instead of clicking the link. There are even scams using Mercado Livre and Mercado Pago with new sellers who are starting to use the platform.
Fake E-mails received from banks
I'm going to leave the contents of some fake emails below in order to help those who have questions and search for the contents of the email on Google. I recommend sharing this article with as many people as possible so you don't fall for scams.
Below the supposed email I received from Banco Itau:
IMPORTANT WARNING !!!
Dear Customer.
Through this email, we want to remind you that the account linked to your security device (iToken App/Keychain) has a pending registration update in our system, making it impossible for it to function completely, and consequently, making your access to the service channels:
• ATMs • Internet Banking • Itaú App • temporarily inactive. Therefore, operations such as transfers and payments can only be carried out through your originating agency, with the presentation of your debit card.
• Update
We have made the update available in our system, thus avoiding the payment of R$ 94.49 for the issuance of a new security device.
Below is a fake email from Paypal talking about a limited or about to be disabled account:
Your account has been limited.
Hello, Customer
We've limited your account
After a recent review of your account activity, we've determined you are in violation of PayPal's Acceptable Use Policy. Please log in to confirm your identity and review all your recent activity
You can find the complete PayPal Acceptable Use Policy by clicking Legal at the bottom of any PayPal page.
Below is a fake email from amazon talking about pending orders:
We have placed a hold on your Amazon account and all pending orders.
Tomamos essa ação porque as informações de cobrança que você forneceu não corresponderam às informações registradas com a emissora do cartão.
Para resolver esse problema, verifique agora o nome, endereço e número de telefone registrados no seu cartão de pagamento.
Se você se mudou recentemente, pode precisar atualizar essas informações com o emissor do cartão.
Basta clicar no botão abaixo: