Phishing Scam Targets Netherlands Bank
Fraudulent E-mail Includes Web Form to Gather Information
According to a blog post by MXLabs, the phishing campaign includes the subject line "SNSBANK: Rekening Activeren" and is being sent from the spoofed e-mail address "SNS Bank
The fraudulent e-mail also includes the attachment "SNS_RekeningActiveren," which when downloaded and opened includes a Web form to complete, according to MXLabs. The filled-in Web form will then be submitted to "hxxp://www.couvreurrivesud.ca/images/go.php" and the user will be redirected to the official SNS Bank website.
"Phishing attempts with attachments are not new," MXLabs explains in its blog post. "It is one of the techniques we've seen emerging last year in order to avoid interception by URL filters when emails are scanned. Even today, we see several different campaigns based on this technique."
MXLabs' blog post includes the contents of the e-mail as well as a screenshot of the Web form included in the attachment.
A message on SNS Bank's website addresses the fake e-mails. The message, which appears in Dutch, when translated warns customers not to act on the fraudulent message and explains that the bank can't always prevent fake e-mails sent out by cybercriminals.