We received an email today with the promise of a $50 credit to my Pentagon Federal Credit Union (PenFed) account if I completed a customer service survey. The “survey” was sent as an attached HTML (web page) file, which, when completed went to the homepage of PenFed.
Apart from the simple questions, the final part of the form asked for the online account usrname and password and also the PIN number for the bank. If anyone did fill in this form, they will have handed over the keys to their bank account and should expect it to empty pretty quickly.
This is a common enough scam, but stands out for the clever use of bait ($50) and the simple but plausible task required to receive the bait. Enough to blind the recipient to the dangers.
What actually happens when you click ‘Continue’ in the form is that the detalils you entered are sent to a Texas-based Comcast computer –
IP Address 126.96.36.199 (Information on this IP from DomainWhitePages Information) and then immediately redirected to the PenFed website where the user will feel comforted by the secure website url (https://www.penfed.org/)
The only real mistake this scam makes is to use untargetted spam to deliver the message. Non-PenFed members are unlikely to click through and the chances are that websites such as Scamdex.com will pick it up and close the operation down. As of this post, the server is still up and running………