# New email scam-RBC fininical group



## 3rd Herd (19 Aug 2007)

mods feel free to move
look what I just got:

edit to add: The sender of this message, information.security@rbc.com, could not be verified by Sender ID. Learn more about Sender ID.

From :  RBC Financial Group <information.security@rbc.com> 
Sent :  August 19, 2007 6:40:22 AM 
To :  xxxxxxxx@hotmail.com 
Subject :  Your Online Banking is Blocked 
  
  |  |  | Inbox 
Remember:
Always look for your
SiteKey before you
Sign In »  No thank you

 Your Online Banking is Blocked

We recently reviewed your account, and suspect that your RBC account may have been accessed by an unauthorized third party. Protecting the security of your account is our primary concern. Therefore, as a preventative measure, we have temporarily limited access to sensitive account features. 
To restore your account access, we need you to confirm your identity, to do so we need you to follow the link below and proceed to confirm your information: No thanks
https://www1.royalbank.com/cgi-bin/rbaccess/rbunxcgi?F6=1&F7=IB&F21=IB&F22=IB&REQUEST=Client (link goes to Germany)

Tank  you for your patience as we work together to protect your account.

Sincerely,
Royal Bank of Canada Customer Service


--------------------------------------------------------------------------------

BECAUSE E-MAIL IS NOT A SECURE FORM COMMUNICATION, THIS E-MAIL BOX IS NOT EQUIPPED TO HANDLE REPLIES
If you have any questions about your account or need assistance, please call the phone number on your statement or go to Contact Us. 

--------------------------------------------------------------------------------
© Royal Bank of Canada 2001 - 2007 Privacy | Legal Terms | Trade-marks and Copyrights | Security 
rbc.com is an online information service operated by Royal Bank of Canada.


----------



## armyvern (19 Aug 2007)

Nice fake set-up by that fraud site.

The "1" after the www in the addy should be a big hint that's it's not an actual RBC affiliated site.


----------



## George Wallace (19 Aug 2007)

There is also a TD/CanadaTrust one going around too.


----------



## Fishbone Jones (19 Aug 2007)

I get the RBC ones and CIBC. I don't have an account at either ;D When I got the TD one, the return URL was a dead giveaway


----------



## SupersonicMax (19 Aug 2007)

ArmyVern said:
			
		

> Nice fake set-up by that fraud site.
> 
> The "1" after the www in the addy should be a big hint that's it's not an actual RBC affiliated site.



Actually, the online banking website (RBC it is) actually use www1.

Max


----------



## Strike (20 Aug 2007)

Actually, if someone inputs your card number (by accident or on purpose) and can't get in, RBC will send you an e-mail like that in case the person tried to change the password and didn't answer your 3 verification questions properly.  Suggext you go in to the site from the main home page, change your password, and change your verification questions.

I've had this happen before and called them up right away.  This is what the bank told me.


----------



## geo (20 Aug 2007)

I think that the best suggestion to follow, in a case where you are uncertain of the real identity of a sender, DO NOT use the web link they provide you in their message.

Go to the bank's web address the way you always do your online banking.
If necessary, call the 800 number that you will find on the back of your banking card or the one you will find in the phone book.


----------



## 3rd Herd (20 Aug 2007)

geo said:
			
		

> I think that the best suggestion to follow, in a case where you are uncertain of the real identity of a sender, DO NOT use the web link they provide you in their message.
> 
> Go to the bank's web address the way you always do your online banking.
> If necessary, call the 800 number that you will find on the back of your banking card or the one you will find in the phone book.


I like this option as you know you are getting the "real deal".


----------



## Edward Campbell (20 Aug 2007)

geo said:
			
		

> I think that the best suggestion to follow, in a case where you are uncertain of the real identity of a sender, DO NOT use the web link they provide you in their message.
> 
> Go to the bank's web address the way you always do your online banking.
> If necessary, call the 800 number that you will find on the back of your banking card or the one you will find in the phone book.



Good advice, geo.

Your bank does *not* send you E-mail asking for account details. When you get one of those E-mails it *IS* a scam - you can bank on it!


----------



## PMedMoe (20 Aug 2007)

Makes you wonder, though, how many people out there do reply to these scammers?  ???


----------



## formerarmybrat23 (20 Aug 2007)

I'm not sure about RBC but Td has an area on their online banking site to report such emails.

https://www.tdcanadatrust.com/easyweb5/help/banking/report.jsp

tracked down RBC's site for reporting a fraud

http://www.rbc.com/security/contact-security.html

be aware. Its best just to delete any emails of this sort. Don't even open them. Close that Browser and Open a new one and log in to your banking website. Any offical messages should be in your message box there. And ofcourse if there was an emergency you would probably get an old fashioned letter or phone call.


----------



## Mike Bobbitt (23 Aug 2007)

The link above is legit, however the "underlying" link - the one you can't see - almost certainly would have taken you to the phishing site. For my peace of mind, I have Outlook set to never read e-mail as HTML, which can be used to hide the true intent. In Outlook, you can do this by going to Tools --> Trust Center --> E-Mail Security --> Check both boxes under "Read as Plain Text.

When you view a message as HTML it could appear as above, the link would appear legit:

https://www1.royalbank.com/cgi-bin/rbaccess/rbunxcgi?F6=1&F7=IB&F21=IB&F22=IB&REQUEST=Client

However when you read as plain text, you can see what's really going on:

https://www1.royalbank.com/cgi-bin/rbaccess/rbunxcgi?F6=1&F7=IB&F21=IB&F22=IB&REQUEST=Client <http://www.checkmaterecordscorp.com/thumb/update/rbcaccess/rbunxcgi_F6/IB_REQUEST_ClientSignin_LANGUAGE_ENGLISH.htm>

Makes it much easier to see when an e-mail is bogus. Another method... if you think it's legit or aren't sure, don't click the e-mail link... use the existing link/bookmark that you usually use to log in. That way you never go to a phishing site but can verify that your account is still OK.


Cheers
Mike


----------



## geo (23 Aug 2007)

Right you are Mike.


----------

