Attack of the Zombie Orkut Phishing Pages

“For Security Purposes, Your Account has been Locked” Barclays Phish

Here’s a rather simple phishing mail currently in circulation which claims to be from Barclays:

Phishing mail

It reads:

For security purposes, your online account has been locked.

To restore your account, please click : Sign into My Barclays Account and proceed with the verification process.

Clicking the link will take the victim to a page most likely hosted on a compromised website.

Phishing form

It asks for name, five digit passcode, DOB, telephone passcode, account number, sort code and debit card number.

After filling in the relevant information and sending it to the phisher, the victim is redirected to a (legitimate) Barclays page about mortgages.

If you or someone you know falls for this one, be sure to contact your bank as soon as possible so they can take the appropriate action.

Phishing emails tend to have a little more effort put into them than this one, but the fake Barclays page is about as good as any other in terms of looking like the real thing.

As always, avoid.

Christopher Boyd

ABOUT THE AUTHOR

Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.