I hate to say it but this is a well-crafted phishing or virus email. It looks very official and legitimate; starting with the bank logo; even the website and email links point to the actual bank website. However, I was specious right away since I don’t do business with Bank Santander and the links point to a site in the United Kingdom.
It took me a few minutes to confirm that this was at the very least a phishing email. The usual tall tell signs were not there; in general, the links our email addressed point to a different email than what it is displayed (test.com is displayed but it points to badsite.com). I guess the sender is counting on the receiver opening the attached word document and not clicking on the links.
The email has some inconsistencies that made me question its validity:
- I don’t recognize the sender
- The sender’s email address (firstname.lastname@example.org) is from a different domain than the bank’s domain name santander.co.uk
- I don’t do business with Santander
NOTE: The links in the email below are highlighted for illustration purposes only; the actual links have been disabled.
From: Santander <email@example.com>
Sent: Thursday, August 29, 2017 4:09 AM
Subject: Important – New Account Documents
Please find attached your secure documents. Please review, complete and return completed documents via email to firstname.lastname@example.org.
If you have any queries relating to the above, feel free to contact us at: email@example.com.
This message was sent to you as a Santander customer, to tell you about important information concerning your account.
Please do not reply to this email. It has been sent from an email address that does not accept incoming emails. Santander will never ask you to supply personal information such as passwords or other security information via email. As an additional security measure, every customer email will be addressed to you personally. If you receive an email from Santander which is not personally addressed to you, or an email requesting personal information, please report this to firstname.lastname@example.org.
Santander UK plc. Registered Office: 2 Triton Square, Regent’s Place, London, NW1 3AN, United Kingdom. Registered Number 2294747. Registered in England. www.santander.co.uk. Telephone 0870 607 6000. Calls may be recorded or monitored. Authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority. Our Financial Services Register number is 106054. Santander UK plc is also licensed by the Financial Supervision Commission of the Isle of Man for its branch in the Isle of Man. Deposits held with the Isle of Man branch are covered by the Isle of Man Depositors’ Compensation Scheme as set out in the Isle of Man Depositors’ Compensation Scheme Regulations 2010. In the Isle of Man, Santander UK plc’s principal place of business is at 19/21 Prospect Hill, Douglas, Isle of Man, IM1 1ET. Santander and the flame logo are registered trademarks.
You can check this on the Financial Services Register by visiting the FCA’s website www.fca.org.uk/register or by contacting the FCA on 0800 111 6768.
Attached file: Account_documents_31082017.doc (102.8 KB)
As a general rule:
- If you don’t recognize the sender, don’t open or click on the link.
- If the email is from someone that you know but the email looks suspicious or too good to be true, don’t open it; confirm with your friend that he/she intended to send you the email by call or text; don’t reply to the email.
- Ignore and delete any emails that ask for your bank account information, SSN, driver’s license number, Passport number, etc.
- Don’t open any attachments from unsolicited emails, they usually contain a virus.
- Place the cursor on top of the link (Don’t click it!) to reveal the address location where the link will take you (the link may be displayed in the lower-left corner of the screen)