Kiwibank Spam e-mail

Forums › Finance and wealth management › Kiwibank Spam e-mail

1080p

1332 posts

Uber Geek
Inactive user

#60806 3-May-2010 17:52

Well this has apparently been going on for a couple of weeks but this can be a warning to those who have not seen it yet; I've just received an e-mail from someone claiming to be Kiwibank.

I have called Kiwibank to report this and forwarded the e-mail (suspicious.email@kiwibank.co.nz is the address to send it to if you have one) and apparently they know about this already.

/* EMAIL **/

(from) Kiwi Bank
(subject) Update & Re-confirm your account details.
(mailed by) ptd.net

You have one new Security Message !

Update and Re-confirm your account details.

Click here to Log In

/* /EMAIL **/

ptd.net looks like a US ISP (PenTeleData - http://ptd.net/tiki-index.php)

onionshed.com (74.208.38.107) doesn't load an HTTP page but appears to be registered to:

registrant-firstname:            Trey
registrant-lastname:             Watson
registrant-organization:         Onion Shed
registrant-street1:              PO Box 43
registrant-pcode:                75943
registrant-state:                TX
registrant-city:                 Douglass
registrant-ccode:                US
registrant-phone:                +93.65563002
registrant-email:                treyandlauren@gmail.com

(http://who.is/whois/onionshed.com/) and is hosted by http://1and1.com/ (lol!)

Now, my geek senses were tingling even before I opened this e-mail as I am not a current Kiwibank customer. The only correspondence I have ever had with them was a few months ago regarding opening an account (I wanted to check out their money manager http://heaps.co.nz/) but I didn't open one as I decided to wait until later this year.

My most urgent concern is that the e-mail address this was sent to - the one I use exclusively for banking/private mail - seems to be in the hands of spammers.

I am concerned that there might have been a leak of customer information somewhere as that e-mail is closely guarded (its a little paranoid, I know) and hasn't been used publicly anywhere online and definitely not in conjunction with Kiwibank (other than said e-mail registration).

I find this slightly annoying as I'm not sure what I can do about this; I deliberately have throwaway Gmail/Hotmail/Hushmail e-mail addresses to use with internet forums, Facebook and the myriad of other places an e-mail address can be leaked easily.

What can I do when an important and trusted NZ company leaks - accidentally or not - my private e-mail address? Has anyone else had an e-mail address they would rather not have shared thrown out into the internet by a company?

1 | 2

19282 posts

Uber Geek
Inactive user

#326145 3-May-2010 18:32

This is always going on for most banks

John

freitasm

BDFL - Memuneh
68892 posts

Uber Geek

Administrator

Trusted

Geekzone

Lifetime subscriber

#326161 3-May-2010 19:27

This is not "spam" it's "phishing". It happens for most banks and people should always be aware of not clicking those links.

These links are referral codes

Kyanar

3214 posts

Uber Geek

Trusted

Subscriber

#326163 3-May-2010 19:31

1080p:
What can I do when an important and trusted NZ company leaks - accidentally or not - my private e-mail address? Has anyone else had an e-mail address they would rather not have shared thrown out into the internet by a company?

Yes. The company initially denied they were responsible, but after about 3 days they discovered that their customer database had indeed been compromised and emails stolen. Only emails though, as the database was extracted from one of their customer forum installations.

alasta

4790 posts

Uber Geek

Trusted

Subscriber

#326166 3-May-2010 19:38

One of our email addresses at work has been getting bombarded with those emails over the last few days. They don't look very authentic at all, but my accounts assistant who is an older lady and a bit naive asked me "how should we respond to those emails from Kiwibank" so it's easy to see how people get caught out.

Tabuti

134 posts

Master Geek

#326169 3-May-2010 19:44

Yup this is phising.

Some of the emails can look very authentic but no bank will EVER send an email like this.

I even have people who are not with Kiwibank that get these types of emails.

Don't follow them & you will be fine

alasta

4790 posts

Uber Geek

Trusted

Subscriber

#326171 3-May-2010 19:48

Tabuti: Don't follow them & you will be fine

Alternatively, follow the link and bombard them with bogus details!

muppet

2297 posts

Uber Geek

Trusted

#326186 3-May-2010 20:48

alasta:
Tabuti: Don't follow them & you will be fine

Alternatively, follow the link and bombard them with bogus details!

This is what I do, yea.
Does it work? No idea. Does it make me feel better? Yes, it does.

kingjj

Baby Get Shaky!
1678 posts

Uber Geek

Trusted

Subscriber

#326213 3-May-2010 22:16

muppet:
alasta:
Tabuti: Don't follow them & you will be fine

Alternatively, follow the link and bombard them with bogus details!

This is what I do, yea.
Does it work? No idea. Does it make me feel better? Yes, it does.

Does it open your computer up to drive-by-download risks? Yes. Does it allow suspicious sites to attack security holes in your system? Yes. Should you follow fake links in phishing emails? No.

Noviota

76 posts

Master Geek

Trusted

#327331 6-May-2010 12:08

I got similar phishing emails and let Kiwibank know.

I was able to track down that they got my email address from http://www.undertheradar.co.nz/ as I had used a disposable address dedicated to them.

bazzer

3316 posts

Uber Geek

Trusted

#327343 6-May-2010 12:28

Noviota: I got similar phishing emails and let Kiwibank know.
I was able to track down that they got my email address from http://www.undertheradar.co.nz/ as I had used a disposable address dedicated to them.

No kidding? Did you ask them about it? If so, what did they say?

freitasm

BDFL - Memuneh
68892 posts

Uber Geek

Administrator

Trusted

Geekzone

Lifetime subscriber

#327344 6-May-2010 12:31

bazzer:
Noviota: I got similar phishing emails and let Kiwibank know.
I was able to track down that they got my email address from http://www.undertheradar.co.nz/ as I had used a disposable address dedicated to them.

No kidding? Did you ask them about it? If so, what did they say?

How do you know the spammers got your email from that website? A database leak?

These links are referral codes

bazzer

3316 posts

Uber Geek

Trusted

#327346 6-May-2010 12:41

freitasm:
bazzer:
Noviota: I got similar phishing emails and let Kiwibank know.
I was able to track down that they got my email address from http://www.undertheradar.co.nz/ as I had used a disposable address dedicated to them.

No kidding? Did you ask them about it? If so, what did they say?

How do you know the spammers got your email from that website? A database leak?

Are you asking me? Noviota was pretty clear that he used a unique disposable address for them. Still, I suppose it could be random or something else. What would you say is most likely?

freitasm

BDFL - Memuneh
68892 posts

Uber Geek

Administrator

Trusted

Geekzone

Lifetime subscriber

#327347 6-May-2010 12:42

If it was a random email for a specific site, cold it be that Noviota's PC was infected by a trojan at some stage, and that trojan harvested email addresses when one of those emails were in his inbox?

These links are referral codes

James Bond

924 posts

Ultimate Geek

Subscriber

#327350 6-May-2010 12:45

I'm also getting many of these lately on a hotmail.com address.

Yesterday I received 2 within 40 minutes.

muppet

2297 posts

Uber Geek

Trusted

#327368 6-May-2010 13:21

kingjj:Does it open your computer up to drive-by-download risks? Yes

Are you making assumptions? Yes.

I'm not using I.E. to start with, I'm not using Windows and I'm using an addon that stops all script/flash etc unless permitted.

In a VM.

I have a second VM (Windows 98, yea!) that I happily run HaHaHa.exe in when it arrives via email, just to see what it does.

Tim

1 | 2