If you’re a NatWest banking customer, be wary of the following email which leads to a phishing page. The email paints a picture of fictitious account breaches and the need to secure your “suspended” account to get everything back to normal:

Last notice regarding your account

Dear Customer,

In the wake of evaluating our records, we have discovered that your Natwest record represents a danger of creating invalid activity Natwest treats strategy violations and invalid activity genuinely to ensure the costomers (sic).

As a component of our dedication to keeping your account and individual data protected and secure, We incidentally suspended your account to audit the greater part of your online activity, fix violations, and place defends set up to help guarantee your online account.

In this suspension period you need to give your account certifications to restoring your record in our SSL secured connection underneath.

nwolb(dot)com/Login.ashx

At the end of this suspension period, we will naturally re-enable online services, and screen your record to guarantee agreeability. Please understand that we consider this a necessary step to protect our costomers. We realize the inconvenience this may cause you, and we thank you ahead of time for your understanding and cooperation.

Phishing mail

The email uses the well-worn trick of showing the genuine NatWest website URL in the mail (nwolb(dot)com), but having the text (which is clickable) link to a completely different website – in this case, the decidedly “not very NatWest bank” URL below:

maccosmetics-iran(dot)com/data1/images/js

This slideshow requires JavaScript.

The site asks for the online banking customer number, four-digit PIN, password, mobile number, debit card number, expiry date and debit card security number.

Handing over any of this information would be a bad idea, to say the least.

Feel free to delete the above mail should you receive it and keep your online banking account safe from phishers.

Christopher Boyd